This critical Linux vulnerability is putting millions of systems at risk – how to protect yours
This critical Linux vulnerability is putting millions of systems at risk – how to protect yours
Publish Date: 2026-05-05 10:47:00
Source Domain: www.zdnet.com
Kerry Wan/ZDNET
Follow ZDNET: Add us as a preferred source on Google.
ZDNET key takeaways
- Copy Fail is a dangerous Linux vulnerability.
- This flaw makes gaining root access easy for attackers.
- Copy Fail affects millions of Linux systems.
CVE-2026-31431, also known as Copy Fail, is a critical Linux kernel vulnerability that’s been hiding out since 2017 and is now getting the security spotlight it deserves.
Also: This simple Linux tweak fixes crashes automatically – and it costs me nothing
Oftentimes, Linux vulnerabilities can be a bit overblown, but not in this case. Copy Fail is serious business and should be considered an issue that must be mitigated.
What is Copy Fail?
Let’s talk about Copy Fail in terms that anyone can understand.
Imagine your computer’s memory as a chalkboard, where a teacher keeps track of your grades in real time. You don’t allow students to use either chalk or erasers, so they can’t change their grades. The “Copy Fail” vulnerability is like a sneaky student who somehow gains access to an eraser and chalk, and he changes just his grade while you’re not looking.
Essentially, Copy Fail is a flaw in the Linux system responsible for handling the security of certain types of data. The flaw allows an attacker with basic access to a system to alter a crucial piece of data in the computer’s RAM. Once the change is made, the altered data can trick the system into thinking that the attacker is the root user, granting the attacker full control of the system.
Also: 6 reasons a minimal Linux install might be the smartest move you make
Think of it this way: A janitor takes the nameplate from the boss’s office and slaps it on the wall beside his closet so everyone thinks he is the boss.
That’s Copy Fail.
A difference between Copy Fail and other vulnerabilities that have hit Linux is that this one doesn’t require specific timing or certain events to happen in an exact order. It’s much easier, and its effects can be devastating.
A bit more detail
For those…