Copy Fail (CVE-2026-31431) vulnerability discovered in the Linux kernel allows local users to gain root privileges. Details are in our news.
Security researchers have announced a new vulnerability in Linux operating systems that allows local users to access administrative privileges. This vulnerability, tracked under the code CVE-2026-31431 and called Copy Fail, is classified at a high risk level with a CVSS score of 7.8.
This vulnerability, discovered by the Xint.io and Theori teams, is caused by a logic error in the cryptographic subsystem of the Linux kernel. This problem, which particularly affects the algif_aead module, is present in almost all Linux versions distributed since 2017.
How Does Copy Fail Work?
The vulnerability allows an unprivileged local user to write four bytes of data into the page cache of any readable file. That is enough to modify setuid binaries and obtain root privileges with a simple Python script.
The attack process involves opening an AF_ALG socket and then triggering a write into the kernel's cached copy of /usr/bin/su. A user who compromises the system this way gains administrative rights and can bypass every other restriction.
Although the vulnerability cannot be triggered remotely, it lets a local user affect every process on the system. Because the page cache is shared by all processes on the host, the vulnerability also crosses container boundaries.
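The article notes that exploitation starts by opening an AF_ALG socket. The following detection helper is an added example (not code from the article, Xint.io or Theori) that scans raw Linux audit SYSCALL records for successful socket() calls with domain AF_ALG and reports which user and binary made them. It assumes an audit rule such as `-a always,exit -F arch=b64 -S socket -F a0=38 -k af_alg` is in place so the records exist; the sample lines, the `af_alg` key and the x86_64/aarch64 syscall numbers are the only assumptions. Some legitimate software (for example cryptsetup's kernel crypto backend) also uses AF_ALG, so hits are leads to triage rather than proof of exploitation.

```python
"""Flag AF_ALG socket creation in raw Linux audit SYSCALL records.

Hypothetical detection helper written for this article, not part of the
Copy Fail advisory.  Assumes auditd is logging socket() calls (e.g. with
`-a always,exit -F arch=b64 -S socket -F a0=38 -k af_alg`).
"""
import re

AF_ALG = 38  # address family constant from linux/socket.h

# socket() syscall number keyed by the audit "arch" field
# (x86_64 and aarch64; add other architectures as needed).
SOCKET_SYSCALL_BY_ARCH = {"c000003e": 41, "c00000b7": 198}

# key=value pairs; values may be quoted (comm="...", exe="...")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_record(line):
    """Split one raw audit record into a dict of its key=value fields."""
    return {key: val.strip('"') for key, val in KV_RE.findall(line)}


def is_af_alg_socket(fields):
    """True if the record is a *successful* socket(AF_ALG, ...) call."""
    if fields.get("type") != "SYSCALL" or fields.get("success") != "yes":
        return False
    expected = SOCKET_SYSCALL_BY_ARCH.get(fields.get("arch", "").lower())
    if expected is None or fields.get("syscall") != str(expected):
        return False
    try:
        domain = int(fields.get("a0", ""), 16)  # audit prints a0..a3 in hex
    except ValueError:
        return False
    return domain == AF_ALG


def find_af_alg_sockets(lines):
    """Return one summary dict per record that created an AF_ALG socket."""
    hits = []
    for line in lines:
        f = parse_record(line)
        if is_af_alg_socket(f):
            hits.append({
                "uid": int(f.get("uid", "-1")),
                "pid": int(f.get("pid", "-1")),
                "comm": f.get("comm", "?"),
                "exe": f.get("exe", "?"),
            })
    return hits


def unprivileged_af_alg(lines):
    """AF_ALG sockets opened by non-root users: the cases worth triaging first."""
    return [h for h in find_af_alg_sockets(lines) if h["uid"] != 0]


# Constructed sample records (not real audit output): an unprivileged
# python3 opening AF_ALG, sshd opening AF_INET, cryptsetup on aarch64
# opening AF_ALG as root, and a failed AF_ALG attempt (EAFNOSUPPORT).
SAMPLE_AUDIT = [
    'type=SYSCALL msg=audit(1700000000.101:201): arch=c000003e syscall=41 success=yes exit=3 '
    'a0=26 a1=5 a2=0 a3=0 items=0 ppid=1200 pid=1234 auid=1000 uid=1000 gid=1000 euid=1000 '
    'comm="python3" exe="/usr/bin/python3.11" key="af_alg"',
    'type=SYSCALL msg=audit(1700000000.102:202): arch=c000003e syscall=41 success=yes exit=3 '
    'a0=2 a1=1 a2=6 a3=0 items=0 ppid=1 pid=900 auid=4294967295 uid=0 gid=0 euid=0 '
    'comm="sshd" exe="/usr/sbin/sshd" key="af_alg"',
    'type=SYSCALL msg=audit(1700000000.103:203): arch=c00000b7 syscall=198 success=yes exit=4 '
    'a0=26 a1=5 a2=0 a3=0 items=0 ppid=1 pid=700 auid=4294967295 uid=0 gid=0 euid=0 '
    'comm="cryptsetup" exe="/usr/sbin/cryptsetup" key="af_alg"',
    'type=SYSCALL msg=audit(1700000000.104:204): arch=c000003e syscall=41 success=no exit=-97 '
    'a0=26 a1=5 a2=0 a3=0 items=0 ppid=1200 pid=1235 auid=1000 uid=1000 gid=1000 euid=1000 '
    'comm="python3" exe="/usr/bin/python3.11" key="af_alg"',
]

if __name__ == "__main__":
    for hit in find_af_alg_sockets(SAMPLE_AUDIT):
        flag = "REVIEW" if hit["uid"] != 0 else "info"
        print(f"[{flag}] uid={hit['uid']} pid={hit['pid']} {hit['comm']} ({hit['exe']})")
```

On a live host the same functions can be fed `ausearch -k af_alg --raw` output line by line; the failed attempt in the sample shows what a host with the AF_ALG interface disabled (or the module blacklisted) produces, which is itself a useful baseline signal.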
Security Update from Distributions
Copy Fail is similar to the Dirty Pipe vulnerability discovered in 2022. Experts note that both work by corrupting the page cache with attacker-controlled data and fall into the same class of bugs.
Major Linux distributions such as Amazon Linux, Debian, Red Hat Enterprise Linux, SUSE and Ubuntu have published their own security bulletins against the vulnerability in question. It is important for users to follow the updates provided by the relevant distributions to protect their systems.
What makes this vulnerability especially dangerous is that the exploit is portable, small and stealthy. It also requires no race condition and no kernel offsets, so attackers can exploit it reliably.
System administrators and Linux users, what do you think about this critical vulnerability?