DigiNews

Summary

Copy Fail (CVE-2026-31431) is a Linux kernel vulnerability disclosed in April 2026 that enables local privilege escalation from a standard user to root on recent 6.x kernels via AF_ALG and algif_aead. A small Python PoC can write to the page cache to compromise setuid binaries, and patch status varies by distribution. The article provides detection steps, mitigations, patch timelines, and notes on the role of AI in discovery versus manual auditing.