The vulnerability CVE-2026-31431, nicknamed "Copy Fail," is a high-severity local privilege escalation flaw in the Linux kernel with a CVSS 3.1 score of 7.8, stemming from the interaction of multiple kernel changes over time. A publicly available proof-of-concept exploit exists, and the flaw has affected virtually every major Linux distribution shipped since 2017.
Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit is publicly available. About CVE-2026-31431 According to Theori researchers, CVE-2026-31431 originates from the interaction of three reasonable kernel changes made over several years: the addition of authencesn (an AEAD cryptographic wrapper used by IPsec) in 2011, … More → The post Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) appeared first on Help Net Security .