CVE-2026-31431, named Copy Fail, is a logic flaw in the Linux kernel’s authencesn cryptographic template. It has been sitting in the kernel since 2017, and as of 29 April 2026, there is a working public exploit for it.
If you run Linux, you are probably affected.
What Copy Fail Actually Does
Most privilege escalation bugs require winning a race condition or knowing kernel-specific memory offsets. As Theori’s technical write-up explains, Copy Fail is a straight-line logic flaw that needs neither — the same 732-byte Python script roots every Linux distribution shipped since 2017, with no per-distro offsets and no recompilation.
The Register’s coverage notes the proof of concept is a 10-line Python script using only standard library modules. It edits a setuid binary’s cached copy in the page cache to gain root, without triggering any filesystem-level defenses like inotify.
The technical chain: a bug in authencesn combined with AF_ALG and splice() produces a 4-byte controlled write into the page cache of any readable file. That is enough. The CVE is rated High severity at 7.8/10.
Who Is at Risk
Copy Fail requires only an unprivileged local user account — no network access, no kernel debugging features. The kernel crypto API (AF_ALG) ships enabled in essentially every mainstream distro’s default config, so the entire 2017-to-patch window is exposed out of the box.
The highest-risk systems are multi-tenant ones. Per the official advisory at copy.fail: shared dev boxes, jump hosts, build servers, Kubernetes nodes where a pod can compromise the host and cross tenant boundaries, and CI runners that execute untrusted PR code. If you run GitHub Actions self-hosted runners or GitLab runners on shared infrastructure, a malicious pull request can become root on the runner host.
CERT-EU’s advisory specifically recommends prioritising Kubernetes nodes and CI/CD runners for patching.
Standard single-tenant servers are lower risk — the bug does not grant remote access on its own — but it becomes a trivial step-up if an attacker already has a foothold via web RCE or stolen credentials.
How to Fix It
Patch first. Update your distribution’s kernel package to one that includes mainline commit a664bf3d603d, which reverts the 2017 algif_aead in-place optimisation. Most major distributions are shipping fixes now — check your distro’s security tracker.
If you cannot patch immediately, the common workaround is to disable the algif_aead module:
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead
However, as CloudLinux’s write-up warns, this does not work on RHEL-family distributions including AlmaLinux, because algif_aead is built directly into the kernel rather than as a loadable module. The commands run without errors but leave the system unchanged, giving a false sense of protection.
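A quick way to tell which of those cases a host is in before trusting the workaround, added here as an example rather than taken from the advisory or from CloudLinux's write-up: it reads the kernel's modules.builtin list, /proc/modules and /etc/modprobe.d (the three file locations are assumptions about a standard Linux layout, and the four status words are this script's own naming).

```shell
# Added example, not from the advisory: decide whether the modprobe/rmmod
# workaround can take effect on this host. When algif_aead is compiled into
# vmlinux (the RHEL-family case) rmmod and the "install" directive change
# nothing, so the only fix is the patched kernel.
#
# Inputs are file paths so the logic can be exercised on constructed samples;
# the defaults are the live kernel files.

# Prints one word:
#   builtin - compiled into the kernel: workaround impossible, patch only
#   loaded  - loadable module is resident: rmmod it and add the modprobe block
#   blocked - not loaded and an install directive prevents loading
#   absent  - not loaded, not blocked: may still autoload on demand
algif_aead_status() {
    builtin_list="${1:-/lib/modules/$(uname -r)/modules.builtin}"
    modules_list="${2:-/proc/modules}"
    modprobe_dir="${3:-/etc/modprobe.d}"

    # modules.builtin lists built-ins as e.g. "kernel/crypto/algif_aead.ko"
    if [ -r "$builtin_list" ] && grep -q '/algif_aead\.ko$' "$builtin_list"; then
        echo builtin; return 0
    fi
    # /proc/modules lines start with the module name followed by a space
    if [ -r "$modules_list" ] && grep -q '^algif_aead ' "$modules_list"; then
        echo loaded; return 0
    fi
    # the advisory's workaround line: "install algif_aead /bin/false" (or /bin/true)
    block_re='^install[[:space:]]+algif_aead[[:space:]]+/bin/(false|true)'
    if [ -d "$modprobe_dir" ] && grep -qrsE "$block_re" "$modprobe_dir"; then
        echo blocked; return 0
    fi
    echo absent
}

# Live check on this host (no privileges needed; only world-readable files are read).
case "$(algif_aead_status)" in
    builtin) echo "algif_aead is built in: rmmod/modprobe workaround is a no-op, patch the kernel" ;;
    loaded)  echo "algif_aead is loaded: workaround not applied" ;;
    blocked) echo "algif_aead not loaded and blocked via modprobe.d: workaround active, still patch" ;;
    absent)  echo "algif_aead not loaded but not blocked: it can still autoload on use" ;;
esac
```

Run it as any user on each host you intend to cover with the workaround; a "builtin" result means the modprobe.d and rmmod steps are cosmetic there.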
For containers, regardless of patch status, block AF_ALG socket creation via seccomp — since the exploit requires opening an AF_ALG socket as its first step, this stops it cold even on an unpatched kernel.
The AI Angle
Worth flagging because it changes the threat model going forward: Theori researcher Taeyang Lee identified the vulnerability with the help of the company’s AI security scanner, Xint Code. According to Bugcrowd’s analysis, the system surfaced the bug in about an hour of scan time against the Linux crypto/ subsystem, with one operator prompt and no harnessing.
A nine-year-old kernel bug, in a subsystem that countless researchers have audited, found by an AI in an hour. The assumption that the supply of kernel-grade bugs is roughly bounded by how many humans are looking for them is no longer safe.