{"id":237285,"date":"2026-04-29T20:01:00","date_gmt":"2026-04-30T00:01:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/29\/linux-cryptographic-code-flaw-offers-fast-route-to-root-the-register\/"},"modified":"2026-04-30T01:45:11","modified_gmt":"2026-04-30T05:45:11","slug":"linux-cryptographic-code-flaw-offers-fast-route-to-root-the-register","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/29\/linux-cryptographic-code-flaw-offers-fast-route-to-root-the-register\/","title":{"rendered":"Linux cryptographic code flaw offers fast route to root \u2022 The Register"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.com\/2026\/04\/30\/linux_cryptographic_code_flaw\/\">Linux cryptographic code flaw offers fast route to root \u2022 The Register<\/a><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/04\/30\/linux_cryptographic_code_flaw\/\">https:\/\/www.theregister.com\/2026\/04\/30\/linux_cryptographic_code_flaw\/<\/a><\/p>\n<p>Publish Date: 2026-04-29 20:01:00<\/p>\n<p>Source Domain: www.theregister.com<\/p>\n<p>Developers of major Linux distributions have begun shipping patches to address a local privilege escalation (LPE) vulnerability arising from a logic flaw.<\/p>\n<p>The newly disclosed LPE, dubbed Copy Fail (CVE-2026-31431), comes from a vulnerability in the Linux kernel&#8217;s authencesn cryptographic template.<\/p>\n<p>&#8220;An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root,&#8221; the writeup from security biz Theori explains.<\/p>\n<p>The kernel reads the page cache when it loads a binary, so modifying the cached copy amounts to altering the binary for the purpose of program execution. 
But doing so doesn&#8217;t trigger any defenses focused on file system events like inotify.<\/p>\n<p>The proof-of-concept exploit is a 10-line, 732-byte Python script capable of editing a setuid binary to gain root on almost all Linux distributions released since 2017.<\/p>\n<p>Copy Fail is similar to other LPE bugs such as Dirty Cow and Dirty Pipe, but its finders claim it doesn&#8217;t require winning a race condition and it&#8217;s more broadly applicable.<\/p>\n<p>It&#8217;s not remotely exploitable on its own \u2013 hence LPE \u2013 but if chained with a web RCE, malicious CI runner, or SSH compromise, it could be relevant to an external attacker. The bug is of most immediate concern to those using multi-tenant Linux systems, shared-kernel containers, or CI runners that execute untrusted code.<\/p>\n<p>According to Theori, the vulnerability also represents a potential container escape primitive that could affect Kubernetes nodes, because the page cache is shared across the host.<\/p>\n<p>Linux distros Debian, Ubuntu, and SUSE have issued patches for the problem, as have overseers of other distros.<\/p>\n<p>Red Hat initially said it was going to defer the fix but later changed its guidance to indicate it will go along with other distros and patch&#8230;<br \/>\n<br \/><a href=\"https:\/\/www.theregister.com\/2026\/04\/30\/linux_cryptographic_code_flaw\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux cryptographic code flaw offers fast route to root \u2022 The Register https:\/\/www.theregister.com\/2026\/04\/30\/linux_cryptographic_code_flaw\/ Publish 
Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":237286,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/regmedia.co.uk\/2026\/04\/30\/shutterstock_penguin_fights_fur_seal.jpg","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,91,31,89,71,94,57,79,27],"class_list":["post-237285","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-debian","tag-exploit","tag-flaw","tag-linux","tag-red-hat-enterprise-linux","tag-security","tag-ubuntu","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237285"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=237285"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237285\/revisions"}],"predecessor-version":[{"id":237287,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237285\/revisions\/237287"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/237286"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=237285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=237285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=237285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}