copy.fail: The Most Severe Linux Kernel Vulnerability in Years (CVE-2026-31431)
- A critical security vulnerability in the Linux kernel, identified as CVE-2026-31431 and nicknamed Copy Fail, allows an unprivileged local attacker to gain root-level access to a system.
- The vulnerability is a local privilege escalation (LPE), a type of exploit where an attacker who already possesses limited access to a machine can promote their permissions to...
- While the term local may suggest a limited threat, the nature of modern computing environments significantly expands the attack surface.
A critical security vulnerability in the Linux kernel, identified as CVE-2026-31431 and nicknamed Copy Fail, allows an unprivileged local attacker to gain root-level access to a system. Disclosed by the security firm Theori on April 29, 2026, the flaw is described as one of the most severe Linux vulnerabilities in recent years due to its reliability and broad impact across major distributions.
The vulnerability is a local privilege escalation (LPE), a type of exploit where an attacker who already possesses limited access to a machine can promote their permissions to the highest possible level, known as root. Once root access is achieved, the attacker can read any file on the system, install persistent backdoors, monitor all active processes and use the compromised machine as a pivot point to attack other systems on the network.
Risks to Shared Infrastructure
While the term local may suggest a limited threat, the nature of modern computing environments significantly expands the attack surface. In 2026, many distinct users and applications share a single Linux kernel, meaning a kernel-level LPE can collapse the security boundaries between them.
This vulnerability poses a direct threat to several common deployment models, including:
- Containers running on shared Kubernetes nodes, where an attacker in one container could potentially escalate privileges to affect the host or other containers.
- Tenants on shared hosting environments who share the underlying operating system.
- CI/CD pipelines that execute untrusted code from pull requests.
- Windows laptops running the Windows Subsystem for Linux (WSL2).
- Containerized AI agents that have been granted shell access to a system.
Because these environments rely on the Linux kernel to maintain isolation, a flaw that allows a user to bypass these restrictions undermines the fundamental trust boundary of the infrastructure.
Technical Execution and Stealth
The exploit leverages a combination of the Linux kernel’s cryptographic API—specifically AF_ALG sockets—and the splice() system call. By abusing these mechanisms, an attacker can write four bytes of data at a time directly into the page cache of a file that they do not own.
The page cache is a transparent buffer that the kernel uses to store recently accessed data from the disk to improve performance. By modifying the cache rather than the file itself, the attacker can manipulate how the system perceives and executes data without ever changing the actual file stored on the physical disk.
This method provides a high degree of stealth. Because the file on the disk remains untouched, traditional integrity monitoring tools that rely on checksums or file hashes—such as AIDE and Tripwire—will not detect the intrusion. The changes exist only in the system’s volatile memory, leaving no footprint for standard file-based security scanners.
The exploit is also highly portable. Unlike many kernel vulnerabilities that rely on race conditions or specific memory offsets that vary by version, Copy Fail works unmodified across a wide array of distributions, including Ubuntu, RHEL, Debian, SUSE, Amazon Linux, and Fedora.
Kubernetes and Mitigation
For organizations utilizing Kubernetes, existing security configurations may be insufficient to stop the attack. The system calls used in the Copy Fail exploit are not blocked by the default RuntimeDefault seccomp profile, nor are they prevented by the Kubernetes Pod Security Standards (Restricted) profile.
Seccomp, or secure computing mode, is a Linux kernel feature that restricts the system calls a process can make to reduce the kernel’s attack surface. Because the default profiles allow the necessary calls for this exploit, administrators must implement custom seccomp profiles to effectively block the vulnerability in containerized environments.
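As an added illustration of the custom-profile approach (not code from the article or from the Kubernetes project), the Python below audits a seccomp profile in the OCI/Kubernetes Localhost JSON format for whether socket(AF_ALG, ...) is permitted and produces a copy that denies that one address family while leaving every other socket() call intact. The sample baseline profile, the simplified rule-evaluation model and the choice of AF_ALG (value 38) as the family to deny are the editor's assumptions; the article names AF_ALG and splice() as the mechanisms but does not itself give a profile.

```python
"""Audit an OCI/Kubernetes seccomp profile for AF_ALG socket creation and emit
a hardened copy. Hypothetical helper for this article, not Kubernetes code."""
import copy

AF_ALG = 38  # Linux address family of the kernel crypto API (AF_ALG / PF_ALG)

# Constructed stand-in for a RuntimeDefault-style profile: deny by default and
# allow an explicit list of syscalls (the real allow-list is far longer).
BASELINE_PROFILE = {
    "defaultAction": "SCMP_ACT_ERRNO",
    "syscalls": [{"names": ["read", "write", "socket", "bind", "accept4",
                            "sendmsg", "splice", "vmsplice", "setsockopt"],
                  "action": "SCMP_ACT_ALLOW"}],
}

def _cond_matches(cond, argv):
    """One OCI 'args' entry; only SCMP_CMP_EQ/NE modelled, missing args read as 0."""
    arg = argv[cond["index"]] if cond["index"] < len(argv) else 0
    return (arg == cond["value"]) == (cond["op"] == "SCMP_CMP_EQ")

def syscall_action(profile, name, argv):
    """Action for name(argv): a matching conditional rule beats an unconditional
    one; defaultAction applies when nothing matches (simplified model)."""
    hits = [r for r in profile.get("syscalls", []) if name in r["names"]
            and all(_cond_matches(c, argv) for c in r.get("args") or [])]
    hits.sort(key=lambda r: not r.get("args"))  # stable: conditional rules first
    return hits[0]["action"] if hits else profile["defaultAction"]

def allows_af_alg_socket(profile):
    """True if socket(AF_ALG, SOCK_SEQPACKET=5, 0) would be permitted."""
    return syscall_action(profile, "socket", [AF_ALG, 5, 0]) == "SCMP_ACT_ALLOW"

def harden(profile):
    """Copy of the profile in which socket() still works for every family except
    AF_ALG, which fails with EPERM. The unconditional 'socket' entry is replaced
    by two disjoint conditional rules, so libseccomp precedence is not relied on."""
    new = copy.deepcopy(profile)
    for rule in new["syscalls"]:
        if not rule.get("args"):
            rule["names"] = [n for n in rule["names"] if n != "socket"]
    new["syscalls"] = [r for r in new["syscalls"] if r["names"]]  # drop empties
    cond = {"index": 0, "value": AF_ALG, "valueTwo": 0}
    new["syscalls"] += [
        {"names": ["socket"], "action": "SCMP_ACT_ERRNO", "errnoRet": 1,
         "args": [dict(cond, op="SCMP_CMP_EQ")]},   # EPERM for AF_ALG
        {"names": ["socket"], "action": "SCMP_ACT_ALLOW",
         "args": [dict(cond, op="SCMP_CMP_NE")]},   # every other family
    ]
    return new
```

Workloads that legitimately use the kernel crypto API through AF_ALG would start failing under the hardened profile, so test it on a staging node before rollout. The rule narrows only one of the two mechanisms the article names and is defence in depth, not a substitute for the kernel update.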
A mainline fix for the vulnerability was released on April 1, 2026. Linux distributions are currently in the process of rolling out updated kernels to their users. Security professionals are urged to patch their systems immediately to close the loophole.
