Security News

Cybersecurity news aggregator

CRITICAL Vulnerabilities Hak5

The Fatal 4-Byte Error That Just Broke Linux | Threat Wire

The "copy fail" vulnerability (CVE-2026-31431, CVSS 7.8) is a local privilege escalation flaw in the Linux kernel's AEAD crypto implementation, allowing an unprivileged user to overwrite four bytes in the page cache of any readable file, including set-UID binaries, to gain root or escape containers. It affects Linux kernel versions from 4.14 through specific sub-versions of 5.10, 5.15, 6.1, 6.6, and 6.7, as detailed in the NVD data. Patches are available in kernel versions 5.10.254, 5.15.204, 6.1.170, 6.6.137, 6.12.85, 6.18.22, and 6.19.12.
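A defender-side check built from the fixed releases listed above, as an added example that is not from the video or the linked write-ups: it compares a `uname -r` string with the patched release for its stable branch. The function names and status labels are assumptions, and because distribution kernels often backport fixes without changing the upstream version number, a vendor build still needs checking against the distribution's advisory.

```python
import platform
import re

# Fixed release per stable branch, copied from the summary above.
FIXED = {(5, 10): 254, (5, 15): 204, (6, 1): 170, (6, 6): 137,
         (6, 12): 85, (6, 18): 22, (6, 19): 12}
FIRST_AFFECTED = (4, 14)  # the summary gives 4.14 as the start of the affected range

_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$")


def parse_release(release):
    """Split a `uname -r` string into (major, minor, patch, suffix), or None."""
    m = _RELEASE.match(release.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0), m.group(4)


def classify(release):
    """Compare a kernel release string with the fixed releases listed above."""
    parsed = parse_release(release)
    if parsed is None:
        return "unparseable"
    major, minor, patch, _ = parsed
    if (major, minor) < FIRST_AFFECTED:
        return "older-than-affected-range"
    fixed = FIXED.get((major, minor))
    if fixed is None:
        return "branch-not-listed"  # the summary names no fixed release here
    return "at-or-above-fix" if patch >= fixed else "below-fix"


def has_vendor_suffix(release):
    """True when text follows the numeric version (e.g. '-101-generic')."""
    parsed = parse_release(release)
    return bool(parsed and parsed[3])


if __name__ == "__main__":
    # Constructed sample strings plus the running kernel's own release.
    for rel in [platform.release(), "6.6.137", "5.15.0-101-generic", "6.8.0-31-generic"]:
        note = " (vendor build: confirm against the distribution advisory)" \
            if has_vendor_suffix(rel) else ""
        print(f"{rel}: {classify(rel)}{note}")
```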

⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️

@endingwithali →
Twitch: https://twitch.tv/endingwithali
Twitter: https://twitter.com/endingwithali
YouTube: https://youtube.com/@endingwithali
Everywhere else: https://links.ali.dev
Want to work with Ali? hak5@endingwithali.com

[❗] Join the Patreon → https://patreon.com/threatwire

0:00 0 - Intro
1 - Copy Fail
2 - GitHub Security Outage
3 - SILENCE DEVELOPER
4 - BSides News

LINKS

🔗 Story 1: Copy Fail
https://xint.io/blog/copy-fail-linux-distributions
https://github.com/theori-io/copy-fail-CVE-2026-31431/blob/main/copy_fail_exp.py
https://www.wiz.io/blog/copyfail-cve-2026-31431-linux-privilege-escalation-vulnerability
https://copy.fail/
https://www.youtube.com/watch?v=MaFK5AXpXXw

🔗 Story 2: GitHub Security Outage
https://github.blog/security/securing-the-git-push-pipeline-responding-to-a-critical-remote-code-execution-vulnerability/
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

🔗 Story 3: SILENCE DEVELOPER
https://socket.dev/blog/lightning-pypi-package-compromised
https://x.com/SocketSecurity/status/2049853742363693224
https://www.ox.security/blog/shai-hulud-bitwarden-cli-supply-chain-attack/

🔗 Story 4: BSides News
https://www.esecurityplanet.com/threats/clickup-data-leak-exposes-enterprise-emails-for-over-a-year/
https://securityaffairs.com/191600/security/google-revamps-bug-bounty-programs-android-rewards-rise-chrome-payouts-drop-in-the-age-of-ai.html
https://github.blog/news-insights/company-news/an-update-on-github-availability/
https://www.helpnetsecurity.com/2026/04/30/warp-open-source-client/
https://mitchellh.com/writing/ghostty-leaving-github
https://openai.com/index/where-the-goblins-came-from/

Our Site → https://www.hak5.org
Shop → http://hakshop.myshopify.com/
Community → https://www.hak5.org/community
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
