Linux Kernel Elevation of Privilege Vulnerability

Release Date: 4 May 2026

RISK: Medium Risk

TYPE: Operating Systems - Linux

A vulnerability was identified in Linux Kernel. A local attacker can exploit this vulnerability to trigger elevation of privilege on the targeted system.

 

Note: 

CVE-2026-31431 is being exploited in the wild. Copy Fail (CVE-2026-31431) is a logic bug in the Linux kernel's authencesn cryptographic template. It lets an unprivileged local user trigger a deterministic, controlled 4-byte write into the page cache of any readable file on the system. A single 732-byte Python script can edit a setuid binary and obtain root on essentially all Linux distributions shipped since 2017.

---

Impact

• Elevation of Privilege

---

System / Technologies affected

• Ubuntu: https://ubuntu.com/security/CVE-2026-31431
• Debian: https://security-tracker.debian.org/tracker/CVE-2026-31431
• Red Hat: https://access.redhat.com/security/cve/cve-2026-31431
• SUSE: https://www.suse.com/security/cve/CVE-2026-31431.html

• Amazon:https://explore.alas.aws.amazon.com/CVE-2026-31431.html
• Arch：https://security.archlinux.org/CVE-2026-31431
• AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
• Cloudlinux: https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
• Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431

---

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

• Ubuntu: https://ubuntu.com/security/CVE-2026-31431
• Debian: https://security-tracker.debian.org/tracker/CVE-2026-31431
• Red Hat: https://access.redhat.com/security/cve/cve-2026-31431
• SUSE: https://www.suse.com/security/cve/CVE-2026-31431.html
• Amazon:https://explore.alas.aws.amazon.com/CVE-2026-31431.html
• Arch：https://security.archlinux.org/CVE-2026-31431
• AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
• Cloudlinux: https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
• Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431

---

Vulnerability Identifier

• CVE-2026-31431

---

Source

• Ubuntu: https://ubuntu.com/security/CVE-2026-31431
• Debian: https://security-tracker.debian.org/tracker/CVE-2026-31431
• Red Hat: https://access.redhat.com/security/cve/cve-2026-31431
• SUSE: https://www.suse.com/security/cve/CVE-2026-31431.html
• Amazon:https://explore.alas.aws.amazon.com/CVE-2026-31431.html
• Arch：https://security.archlinux.org/CVE-2026-31431
• AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
• Cloudlinux: https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
• Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431

---

Related Link

• https://ubuntu.com/security/CVE-2026-31431
• https://security-tracker.debian.org/tracker/CVE-2026-31431
• https://access.redhat.com/security/cve/cve-2026-31431
• https://www.suse.com/security/cve/CVE-2026-31431.html
• https://explore.alas.aws.amazon.com/CVE-2026-31431.html
• https://security.archlinux.org/CVE-2026-31431
• https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
• https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
• https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431
• https://copy.fail/
• https://xint.io/blog/copy-fail-linux-distributions
• https://www.cisa.gov/news-events/alerts/2026/05/01/cisa-adds-one-known-exploited-vulnerability-catalog