CopyFail Linux Exploit: Root Access in Seconds (CVE-2026-31431)
TL;DR
– CopyFail (CVE-2026-31431) is a logic flaw in Linux kernel crypto API — no race condition, 100% reliable exploit
– Single Python script grants root access on Ubuntu, Debian, SUSE, Amazon Linux without modification
– Affects all containers on shared kernel: Kubernetes, CI/CD pipelines, WSL2, cloud tenants
– Patches exist in upstream kernel, but most distros haven’t shipped updates yet
– Exploit already public; attack window open until vendors patch
A single Python script. Ten seconds. Full root access on virtually every Linux system in production today.
This isn’t a theoretical attack chain or a proof-of-concept that works only under lab conditions. CopyFail (CVE-2026-31431) is a logic flaw in the Linux kernel’s crypto API that hands an unprivileged user a deterministic, kernel-side out-of-bounds write without race conditions, probabilistic memory corruption, or kernel offset guessing. The same exploit script works reliably on Ubuntu 22.04, Amazon Linux 2023, SUSE 15.6, and Debian 12, with no modification needed.
Security researchers from Theori published the vulnerability details and its exploit code five weeks after private disclosure to the Linux kernel security team. The timing drew sharp criticism: patches exist in kernel versions 7.0, 6.19.12, 6.18.12, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254, but most distribution vendors had not yet shipped updates when the exploit went public.
What Makes CopyFail Different
Local privilege escalation vulnerabilities are common. CopyFail is exceptional because it exploits a straight-line logic error rather than a probabilistic race condition or heap corruption bug.
“Local privilege escalation sounds dry, so let me unpack it. It means an attacker who already has some way to run code on the machine, even as the most boring unprivileged user, can promote themselves to root. From there they can read every file, install backdoors, watch every process, and pivot to other systems.”
— Jorijn Schrijvershof, security researcher
The vulnerability lives in the kernel’s authencesn AEAD template used for IPsec extended sequence numbers. While processing an authenticated-encryption request, the template has to move the ESN bytes of the associated data into place before computing the authenticator. Instead of using its own scratch space, it uses the caller’s destination buffer, writes four bytes past the legitimate output region, and never restores them. The “copy” fails to stay inside the destination buffer. Hence: CopyFail.
Because this is a logic bug rather than a timing-dependent race condition, exploitation reliability approaches 100%. No kernel offset calculations. No distribution-specific tuning. One script, every vulnerable system.
The Threat Model: “Local” Covers More Ground Than You Think
In 2026, “local access” encompasses far more than physical console login or SSH credentials:
| Attack Vector | Scenario |
|---|---|
| Shared hosting | Every tenant on a multi-tenant server shares one kernel |
| Kubernetes | Every container on a node shares the host kernel |
| CI/CD pipelines | Untrusted pull-request code runs with shell access |
| WSL2 | Windows Subsystem for Linux instances share kernel |
| Containerized AI agents | Shell-accessible agents run on shared infrastructure |
| WordPress compromises | Plugin vulnerabilities grant www-data shell access |
The realistic attack chain looks like this: an attacker exploits a known WordPress plugin vulnerability, gains shell access as the unprivileged www-data user, runs the copy.fail proof-of-concept script, and becomes root on the host within seconds. Every other tenant on that server becomes reachable.
CopyFail does not get the attacker onto the box — it changes what happens in the next ten seconds after they land there.
CopyFail vs. Dirty Cow vs. Dirty Pipe
| Vulnerability | CVE | Year | Type | Reliability | Impact |
|---|---|---|---|---|---|
| CopyFail | CVE-2026-31431 | 2026 | Logic flaw | ~100% | Full root |
| Dirty Pipe | CVE-2022-0847 | 2022 | Uninitialized pipe-buffer flag | High | Arbitrary write into page cache (root) |
| Dirty Cow | CVE-2016-5195 | 2016 | Copy-on-write race condition | Moderate | Full root |
Dirty Cow (2016) and Dirty Pipe (2022) were both actively exploited in the wild. Security experts are calling CopyFail “the worst make-me-root vulnerability in the kernel in recent times” — worse than Dirty Pipe because it requires no race window, and worse than Dirty Cow because it needs no kernel offset tuning.
Vendor Patch Status (As of May 2026)
| Distribution | Status | Notes |
|---|---|---|
| Arch Linux | ✅ Patched | Rolling release model enabled fast response |
| Red Hat Fedora | ✅ Patched | Upstream tracking via Bugzilla |
| Ubuntu | ⚠️ Advisory only | Mitigation guidance published, patch pending |
| Debian | ⚠️ Advisory only | Security tracker updated |
| SUSE | ⚠️ Advisory only | Mitigation guidance available |
| Amazon Linux | ⚠️ Pending | No patch released |
The disclosure timeline drew criticism from vulnerability analysts. Will Dormann, senior principal vulnerability analyst at Tharros Labs, noted: “What is mind boggling to me is that in their writeup they both list affected vendors and tell readers to apply vendor patches. But before firing away with the publication, they didn’t bother to see if ANY of the vendors that they list ACTUALLY HAVE PATCHES.”
Technical Deep Dive: The Crypto API Flaw
The vulnerability stems from the authencesn AEAD (Authenticated Encryption with Associated Data) template in the Linux kernel crypto API. This template handles IPsec extended sequence numbers (ESN), which extend ESP’s 32-bit anti-replay sequence number to 64 bits; the high-order 32 bits are not transmitted on the wire but are covered by the integrity check, so the template must splice them into the associated data before authenticating.
When processing authentication tags, the code should copy the Associated Data (AAD) ESN bytes into a destination buffer. Instead, it:
- Uses the caller’s destination buffer as temporary scratch space
- Scribbles 4 bytes past the legitimate output region
- Never restores the overwritten bytes
The result: an unprivileged user gets a controlled write of a few bytes into kernel-managed memory they should not be able to touch, and the public exploit turns that into root. Because the bug is in straight-line code (not a race condition or probabilistic memory corruption), exploitation succeeds deterministically.
Theori discovered the vulnerability using its AI-powered Xint code security tool. Researcher Taeyang Lee identified that the crypto subsystem’s splice() handling — specifically page-cache pages and scatterlist page provenance — had been underexplored. After approximately one hour of AI-assisted scanning, the bug was found.
Container Escape Implications
Theori developed a variant of the CopyFail exploit that breaks out of Kubernetes containers. This has profound implications for multi-tenant cloud infrastructure:
- Container escape: Any compromised container can escape to the host kernel
- CI/CD compromise: Malicious pull requests can escalate during build
- AI agent breakout: Containerized AI agents with shell access can escape isolation
- Cloud tenant pivot: Shared hosting providers face cross-tenant compromise risk
For organizations running Kubernetes clusters, the attack surface expands dramatically. A single compromised pod, perhaps through a supply chain attack or misconfigured RBAC, becomes root on its node; from there the attacker holds the node’s kubelet credentials and every other pod scheduled on it, which is the foothold for full cluster compromise.
What Sysadmins Must Do Now
- Check kernel version: run `uname -r` and compare it against the patched upstream versions listed above. Distribution kernels backport fixes without changing the upstream version number, so a low number is a prompt to check your vendor’s advisory, not proof of exposure; a vendor changelog naming CVE-2026-31431 is the authoritative signal.
- Monitor for exploit attempts: the copy.fail script has distinct syscall patterns
- Prioritize patching: contact your distribution vendor for patch timelines
- Review container isolation: consider gVisor or Kata Containers for untrusted workloads; both place a separate kernel (user-space or VM) between the workload and the host, so a host-kernel privilege escalation triggered inside the sandbox does not directly reach the host kernel
- Audit CI/CD pipelines: restrict shell access for untrusted code execution
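The kernel-version check from the first item above, written out as an added example; this is not code from the original article, from Theori, or from any vendor tool. The fixed-version list is the one quoted in the article; the function names (`kernel_triplet`, `copyfail_check`, `ubuntu_upstream_base`, `running_release`) are this example's own; `/proc/version_signature` is a real Ubuntu-specific file whose last field is the upstream stable version the Ubuntu kernel has merged, and the sample line in the comment is constructed. Because enterprise distributions backport fixes without bumping the upstream version, a `below_upstream_fix` result means consult your vendor's advisory, not confirmed vulnerable:

```shell
#!/bin/sh
# Added example (not the article's or Theori's code): classify a kernel release
# string against the upstream versions the article lists as carrying the fix.
# Caveat: Ubuntu/Debian/SUSE/RHEL backport fixes without changing the upstream
# version number, so "below_upstream_fix" means "check the vendor advisory",
# not "exploitable"; only the vendor changelog is authoritative.

# Upstream releases with the fix, as listed in the article (one per stable branch).
COPYFAIL_FIXED="7.0 6.19.12 6.18.12 6.12.85 6.6.137 6.1.170 5.15.204 5.10.254"

# Reduce "5.15.0-122-generic" or "6.1.0-28-amd64" to "major minor patch",
# dropping the distribution suffix; a missing component counts as 0.
kernel_triplet() {
    base=$(printf '%s\n' "$1" | sed -E 's/^([0-9]+(\.[0-9]+)*).*/\1/')
    case $base in [0-9]*) ;; *) base=0 ;; esac   # non-numeric input -> 0.0.0
    major=${base%%.*}; rest=${base#"$major"}; rest=${rest#.}
    minor=${rest%%.*};  rest=${rest#"$minor"}; rest=${rest#.}
    patch=${rest%%.*}
    printf '%s %s %s\n' "${major:-0}" "${minor:-0}" "${patch:-0}"
}

# Ubuntu publishes the upstream stable version its kernel has merged as the last
# field of /proc/version_signature; a constructed example of that line is
# "Ubuntu 5.15.0-122.132-generic 5.15.167". This is closer to the truth than
# uname -r, but Ubuntu also cherry-picks security fixes ahead of stable merges,
# so the advisory still wins over this number.
ubuntu_upstream_base() {
    printf '%s\n' "$1" | awk '{ print $NF }'
}

# Verdict for one release string: fixed | below_upstream_fix | unlisted_branch.
copyfail_check() {
    set -- $(kernel_triplet "$1")
    major=$1; minor=$2; patch=$3
    # Mainline 7.0 and everything after it carry the fix.
    if [ "$major" -ge 7 ]; then echo fixed; return; fi
    for fixed in $COPYFAIL_FIXED; do
        set -- $(kernel_triplet "$fixed")
        [ "$1" -eq "$major" ] && [ "$2" -eq "$minor" ] || continue
        if [ "$patch" -ge "$3" ]; then echo fixed; else echo below_upstream_fix; fi
        return
    done
    # A branch the article gives no fixed version for (an upstream-EOL 6.x
    # series, or an older LTS): nothing to compare against, defer to the vendor.
    echo unlisted_branch
}

# Prefer the Ubuntu upstream-base field when present, else the plain release.
running_release() {
    if [ -r /proc/version_signature ]; then
        ubuntu_upstream_base "$(cat /proc/version_signature)"
    else
        uname -r
    fi
}

# Usage: ./copyfail-check.sh            -> classifies the running kernel
#        ./copyfail-check.sh 6.12.84    -> classifies the given release string
release=${1:-$(running_release)}
echo "kernel $release: $(copyfail_check "$release")"
```

Running it on a stock Ubuntu 22.04 box reports `5.15.0-NNN-generic` (or the `5.15.x` base from `/proc/version_signature`) as `below_upstream_fix`, which is exactly the case where the script cannot decide and the Ubuntu CVE page linked at the end of this article has to.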
For enterprises running multi-tenant infrastructure, the window between exploit publication and vendor patch availability represents significant risk. Theori’s decision to release exploit code before distribution patches were ready amounts to a “zero-day patch gap” — functionally equivalent to a zero-day from a defender’s perspective.
The Disclosure Ethics Question
Security disclosure has long balanced transparency against protection. Coordinated disclosure gives vendors time to patch before attackers learn the vulnerability. Theori’s approach — private disclosure to kernel team, public release five weeks later regardless of distribution readiness — prioritizes researcher autonomy over vendor coordination.
The result: defenders now have detailed exploit information without corresponding patch availability from most vendors. Arch Linux and Fedora responded quickly due to their update models. Enterprise distributions (Ubuntu, RHEL, SUSE) move slower, leaving production systems exposed during the gap.
The question isn’t whether CopyFail will be exploited in the wild — it already has the hallmarks of active weaponization. The question is whether infrastructure operators can patch faster than attackers can automate the copy.fail script across botnets and vulnerability scanners.
For multi-tenant cloud providers, the math is unforgiving: one unpatched node, one compromised container, ten seconds to root on the host and a foothold into the rest of the cluster.
Patch status: https://ubuntu.com/security/CVE-2026-31431 | https://www.suse.com/security/cve/CVE-2026-31431.html | https://access.redhat.com/security/cve/cve-2026-31431