Copy Fail (CVE-2026-31431): The 9-Year-Old Linux Bug That Hands Out Root in Seconds

A 732-byte Python script can take any unprivileged Linux account to root on virtually every distribution shipped since 2017. Here is what Copy Fail does, who is at risk, and exactly how to patch it.

A nine-year-old logic flaw in the Linux kernel just turned every unprivileged user account on most servers into a potential root account. Researchers at Xint Code disclosed the bug — nicknamed Copy Fail and tracked as CVE-2026-31431 — on April 29, 2026. It is one of the cleanest local privilege-escalation exploits in years: 732 bytes of Python, no race conditions, and it works on virtually every major distribution shipped since 2017.

If you operate a Linux server, especially one that lets multiple users or workloads share the same kernel, you should treat this as a drop-everything patch. Here is what Copy Fail actually does, why it matters, and how to fix it — explained without the kernel jargon.

What is Copy Fail, in plain English?

Linux ships with a built-in feature that lets ordinary programs ask the kernel to encrypt or decrypt data — handy for things like VPNs and disk encryption. The interface is called AF_ALG, and one of the algorithms it supports (authencesn, used in IPsec) had a subtle accounting mistake.

When a user pipes data through that interface, the kernel is supposed to keep track of which bytes are being read and which are being written. Because of the flaw, an attacker can trick the kernel into writing four bytes of attacker-chosen data into the wrong place — specifically, into the cached copy of any file the user can read.

That sounds tiny. Four bytes is nothing. But Linux uses these cached copies of files to decide what to actually run. If you can quietly edit the cached copy of a setuid program — say, /usr/bin/su or /usr/bin/passwd — then the very next time someone runs it, the kernel happily executes your edited version with full root privileges. Game over.

Why this one is a bigger deal than usual

Linux gets local privilege-escalation bugs every year. Most are awkward to weaponize — they require winning a millisecond-level race condition, knowing the exact kernel build, or chaining several flaws. Copy Fail has none of those problems.

  • No race condition. Unlike Dirty Cow (2016) and Dirty Pipe (2022), the write is deterministic. It works the first time, every time.
  • No kernel-specific tuning. The same 732-byte exploit works across Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, SUSE 16, Rocky Linux 9.7 and more.
  • Almost a decade of exposure. The buggy commits landed between 2011 and 2017. Anything you have running on a 2017-or-later kernel that has not been patched in the last 30 days is almost certainly vulnerable.
  • Public proof of concept. The exploit is on GitHub. Attackers do not need to write their own.

[Illustration: multi-tenant cloud server with one compromised container leaking into neighboring tenants]
Multi-tenant hosts are the highest-risk environments — any unprivileged tenant can pivot to root.

Who is most at risk?

Copy Fail requires the attacker to already have a local user account on the box. That sounds like a high bar until you realize how many systems hand out unprivileged accounts by design:

  • Multi-tenant cloud and shared hosting. Anywhere customers get shell or container access on a shared kernel.
  • Kubernetes clusters. A compromised pod can break out to the host root if the node kernel is unpatched and seccomp is permissive.
  • CI/CD and build farms. GitHub Actions self-hosted runners, GitLab runners, Jenkins agents — anything that runs untrusted code submitted by developers.
  • SaaS platforms that execute customer code. Notebook services, function-as-a-service, online IDEs, sandboxed plugin runtimes.
  • Single-tenant servers are lower priority, but if any other vulnerability gives an attacker a low-privileged shell (for example, a web app RCE), Copy Fail is now their fastest path from there to root.

Single-user laptops and workstations are the lowest-risk category — but only because the attacker would already need code execution as your user, at which point most of the damage is already done.

How to resolve it

The Linux kernel maintainers patched Copy Fail upstream on April 1, 2026 by reverting the 2017 in-place optimization in algif_aead (mainline commit a664bf3d603d). Distributors were notified ahead of public disclosure, so packaged kernels are rolling out now.

[Illustration: shield over a server rack, with patches sealing a fractured chip]
Patching the kernel is the only complete fix. Until you reboot into the new kernel, you are still exposed.

1. Patch and reboot

Update to a kernel package that contains the patch and reboot. The exact commands depend on your distribution:

  • Ubuntu / Debian: sudo apt update && sudo apt install --only-upgrade linux-image-generic && sudo reboot
  • RHEL / Rocky / Alma: sudo dnf update kernel && sudo reboot
  • Amazon Linux 2023: sudo dnf update kernel && sudo reboot
  • SUSE / openSUSE: sudo zypper patch && sudo reboot
  • Arch: sudo pacman -Syu linux && sudo reboot

If you use live patching (Ubuntu Livepatch, Oracle Ksplice, kpatch, SUSE kGraft), check that your provider has shipped a Copy Fail patch — most have — and apply it. You still want to reboot into a permanently patched kernel at the next maintenance window.

2. Interim mitigations if you cannot reboot yet

If you genuinely cannot reboot in the next few hours, you have two options that block the exploit without a kernel update. These are stopgaps, not fixes.

Option A — Blacklist the vulnerable module. The exploit relies on the algif_aead kernel module. On most servers, nothing user-facing depends on it.

echo 'blacklist algif_aead' | sudo tee /etc/modprobe.d/copyfail.conf
sudo rmmod algif_aead 2>/dev/null || true

Test that your applications still work — particularly anything doing in-kernel IPsec — before relying on this in production.

Option B — Block AF_ALG sockets with seccomp. For containerized workloads, add a seccomp filter that denies socket(AF_ALG, ...). Most container runtimes (Docker, containerd, CRI-O) accept a custom seccomp profile per container; the default Docker profile already blocks AF_ALG for unprivileged containers, which is one reason properly-configured Docker hosts are partially protected.

3. Verify the fix

After patching, confirm your running kernel actually contains the fix — installing a package and forgetting to reboot is the classic mistake. Compare uname -r against your distribution's advisory:

For defensive validation, the public proof-of-concept is linked from the disclosure site. If your security team is allowed to run it, a patched kernel will fail to gain root; an unpatched one will succeed in under a second.
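As an added check that is not part of the original post, the following POSIX shell script ties together Option A and the verification step above: it reports whether a reboot is still pending (the running kernel is older than the newest one installed) and whether algif_aead is currently loaded or blocked from loading. It assumes GNU coreutils for sort -V and kernels installed as /boot/vmlinuz-<version>; comparing the version against your distribution's advisory is still a manual step.

```sh
#!/bin/sh
# Added post-patch check (not from the original post). Reports whether a
# reboot is still pending and whether algif_aead is loaded or blocked.
# Assumes GNU coreutils (sort -V) and kernels installed as /boot/vmlinuz-<ver>.

# reboot_pending RUNNING INSTALLED...: "yes" if an installed kernel sorts
# newer than the running one (package updated, reboot forgotten).
reboot_pending() {
  cur="$1"; shift
  newest=$(printf '%s\n' "$cur" "$@" | sort -V | tail -n 1)
  if [ "$newest" = "$cur" ]; then echo no; else echo yes; fi
}

# module_loaded LSMOD_OUTPUT NAME: "yes" if NAME is in the module column.
module_loaded() {
  printf '%s\n' "$1" | awk -v m="$2" '$1 == m { found = 1 } END { exit !found }' \
    && echo yes || echo no
}

# module_blocked MODPROBE_CONF NAME: "yes" on an uncommented
# "blacklist NAME" or "install NAME /bin/false" (or /bin/true) line.
module_blocked() {
  printf '%s\n' "$1" | grep -Eq \
    "^[[:space:]]*(blacklist[[:space:]]+$2|install[[:space:]]+$2[[:space:]]+/bin/(false|true))([[:space:]]|\$)" \
    && echo yes || echo no
}

# Live mode reads the host: sh copyfail-check.sh --live
if [ "${1:-}" = "--live" ]; then
  running=$(uname -r)
  installed=$(ls /boot/vmlinuz-* 2>/dev/null | sed 's|.*/vmlinuz-||' | grep -v rescue || true)
  echo "running kernel:     $running"
  echo "reboot pending:     $(reboot_pending "$running" $installed)"
  echo "algif_aead loaded:  $(module_loaded "$(lsmod 2>/dev/null)" algif_aead)"
  echo "algif_aead blocked: $(module_blocked "$(cat /etc/modprobe.d/*.conf 2>/dev/null)" algif_aead)"
fi
```

A blacklist line only makes modprobe ignore the module's aliases and does not refuse a load by name, which is why the check also recognizes install algif_aead /bin/false, the form that blocks the module however it is requested.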

The bottom line

Copy Fail is exactly the kind of bug defenders dread: tiny, reliable, public, and hiding in code that has been quietly shipped on every server-class Linux for nearly a decade. The good news is that the fix is genuinely simple — apply your distribution's kernel update and reboot. The bad news is that "reboot every Linux box you own" is a non-trivial amount of operational work, and until it is done, every developer with a CI account and every customer in your shared cluster is one Python script away from root.

Patch this week. Audit your multi-tenant boundaries. And, as always, assume the next nine-year-old logic bug is already there — just waiting for someone to notice.

Have questions about how Copy Fail affects a specific environment you run? Drop a comment below or reach out — we read every message.