{"id":237471,"date":"2026-04-30T11:08:00","date_gmt":"2026-04-30T15:08:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/30\/linux-copy-fail-flaw-delivers-root-level-access-to-distros\/"},"modified":"2026-04-30T11:30:08","modified_gmt":"2026-04-30T15:30:08","slug":"linux-copy-fail-flaw-delivers-root-level-access-to-distros","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/30\/linux-copy-fail-flaw-delivers-root-level-access-to-distros\/","title":{"rendered":"Linux &#8216;Copy Fail&#8217; Flaw Delivers Root-Level Access to Distros"},"content":{"rendered":"<p><a href=\"https:\/\/www.bankinfosecurity.com\/linux-copy-fail-flaw-delivers-root-level-access-to-distros-a-31558\">Linux &#8216;Copy Fail&#8217; Flaw Delivers Root-Level Access to Distros<\/a><\/p>\n<p><a href=\"https:\/\/www.bankinfosecurity.com\/linux-copy-fail-flaw-delivers-root-level-access-to-distros-a-31558\">https:\/\/www.bankinfosecurity.com\/linux-copy-fail-flaw-delivers-root-level-access-to-distros-a-31558<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-30 11:08:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bankinfosecurity.com\">www.bankinfosecurity.com<\/a><\/p>\n<p class=\"text-muted\">\n                                            Artificial Intelligence &#038; Machine Learning<br \/>\n                                                    ,<br \/>\n                                                            Governance &#038; Risk Management<br \/>\n                                                    ,<br \/>\n                                                            Next-Generation Technologies &#038; Secure Development\n                                                                                                <\/p>\n<p>                    <span class=\"article-sub-title\">AI-Assisted Offensive Security Researcher Discovered Flaw After 1 Hour of Scanning<\/span><br \/>\n                <span class=\"article-byline\"><br \/>\n                                                Mathew J. Schwartz (euroinfosec)                                                    \u2022<br \/>\n                        <span class=\"text-nowrap\">April 30, 2026<\/span> \u00a0 \u00a0 <\/span><\/p>\n<p>                Image: Shutterstock            <\/p>\n<p>The Linux kernel needs to be patched to fix a vulnerability that exists in every distribution of the operating system created from 2017, onward. Successfully exploiting the flaw in the kernel&#8217;s cryptography API would give an attacker root-level access to the operating system. <\/p>\n<p>See Also: AI Agents Introduce a New Insider Threat Model<\/p>\n<p>&#8220;An unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root,&#8221; said researchers at offensive security firm Theori on Wednesday of the local privilege escalation flaw, CVE-2026-31431. They nicknamed it &#8220;Copy Fail.&#8221;<\/p>\n<p>&#8220;Most major distributions are shipping the fix now,&#8221; they said. As a temporary mitigation, users can &#8220;disable the algif_aead module&#8221; to block the flaw from being exploited, although potentially at the cost of some functionality, they said. <\/p>\n<p>The module is part of the Linux kernel&#8217;s cryptographic subsystem, and typically ships active by default.<\/p>\n<p>Theori released a proof-of-concept exploit. Other researchers&#8230;<\/p>\n<p><a href=\"https:\/\/www.bankinfosecurity.com\/linux-copy-fail-flaw-delivers-root-level-access-to-distros-a-31558\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux &#8216;Copy Fail&#8217; Flaw Delivers Root-Level Access to Distros https:\/\/www.bankinfosecurity.com\/linux-copy-fail-flaw-delivers-root-level-access-to-distros-a-31558 Publish Date: 2026-04-30 11:08:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":237472,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/ismg-cdn.nyc3.cdn.digitaloceanspaces.com\/articles\/linux-copy-fail-flaw-delivers-root-level-access-to-distros-image_large-2-a-31558.jpg","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,31,89,71,57,27],"class_list":["post-237471","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-exploit","tag-flaw","tag-linux","tag-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237471"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=237471"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237471\/revisions"}],"predecessor-version":[{"id":237473,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237471\/revisions\/237473"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/237472"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=237471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=237471"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=237471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}