New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

Published: 1 week ago (April 30, 2026 at 05:24 AM EDT)

1 min read

Source: The Hacker News

Overview

Cybersecurity researchers have disclosed a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root privileges.

Vulnerability Details

CVE: CVE‑2026‑31431
CVSS Score: 7.8 (high severity)
Codename: “Copy Fail” (named by Xint.io and Theori)

Exploitation Mechanics

An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux system, enabling escalation to root.

Impact

The vulnerability affects major Linux distributions that use the affected kernel components, potentially allowing attackers with local access to gain full system control.

Mitigation

Apply the security patches released by your distribution as soon as they become available.
Until patches are applied, limit local user access to untrusted parties and monitor for suspicious activity involving file cache manipulation.

References

CVE‑2026‑31431 entry (link to official CVE database)
Security advisory from Xint.io
Security advisory from Theori

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

Overview

Vulnerability Details

Exploitation Mechanics

Impact

Mitigation

References

Related posts

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers

Severe Linux Copy Fail security flaw uncovered using AI scanning help

CISA says ‘Copy Fail’ flaw now exploited to root Linux systems