The Copy Fail vulnerability (CVE-2026-31431, CVSS 7.8 HIGH) allows local privilege escalation via a small script that modifies the page cache, enabling an unprivileged user to gain root access and potentially cross container boundaries.
This new Linux kernel bug called Copy Fail (CVE-2026-31431) is kinda terrifying because it’s not complicated at all. A normal user can run a tiny 732-byte script and get root, no race conditions or luck required, and it works across major distros like Ubuntu, RHEL, and SUSE. The exploit quietly modifies the page cache instead of the file on disk, so integrity checks don’t catch it, but the kernel still executes the tampered version in memory. Even worse, since the page cache is shared, it can potentially cross container boundaries too. Patch ASAP if your distro hasn’t already, because this one feels way too reliable… submitted by /u/OkReport5065 [link] [comments]