https://blog.vyshak.in/tags/cve-2026-31431/ Recent content in CVE-2026-31431 on Vyshak Haridasan Hugo -- 0.153.3 en-us Mon, 11 May 2026 00:00:00 +0000 https://blog.vyshak.in/posts/copyfail/ Mon, 11 May 2026 00:00:00 +0000 https://blog.vyshak.in/posts/copyfail/ CopyFail (CVE-2026-31431) is a Linux kernel privilege escalation vulnerability that lets an unprivileged user exploit the AF_ALG Crypto API to write 4 bytes into the page cache of any readable file, enabling them to corrupt executable code in memory and gain root access when a privileged process runs the tampered file. It affects virtually every Linux distribution shipped since 2017, is already being actively exploited in the wild, and the US government has ordered federal agencies to patch by May 15.