CopyFail (CVE-2026-31431): The Linux Privilege Escalation Flaw You Can't Ignore

CopyFail (CVE-2026-31431) is a Linux kernel privilege escalation vulnerability that lets an unprivileged user exploit the AF_ALG Crypto API to write 4 bytes into the page cache of any readable file. With that write, the user can corrupt executable code in memory and gain root access when a privileged process runs the tampered file. The flaw affects virtually every Linux distribution shipped since 2017 and is being actively exploited in the wild, and the US government has ordered federal agencies to patch by May 15.

May 11, 2026 · 16 min · 3344 words · Vyshak Haridasan