LOWVulnerability
Global

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

·Source: The Hacker News

Updated:

Executive Summary

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori. "An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux

Analysis

Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori. "An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux

Indicators of Compromise (2)

CVE (1)
CVE-2026-31431
NVDMITRE CVE
Domain (1)
Xint.io
VirusTotalURLhaus
Source Attribution

Originally published by The Hacker News on Apr 30, 2026.

Related Threats

LOWVulnerability

Dirty Frag: Using the Page Caches as an Attack Surface

Dirty Frag is a Linux local privilege escalation (LPE) chain published on May 7, 2026. It combines two previously unknown kernel vulnerabilities can allow an unprivileged local user to escalate to root on many major Linux distributions. As of May 8, 2026, CVE-2026-43284 had been patched in mainline Linux, while public reporting indicated that CVE-2026-43500 […]

CVE-2026-43284CVE-2026-43500
Qualys Blog
LOWVulnerability

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 (CVSS score: 4.3) - An insufficient input validation of the feature file name in the "feature::LOADFEATUREFILE" adminbin call that could result

CVE-2026-29201
The Hacker News
MEDIUMVulnerability

ISMG Editors: The Battle Over Access to Frontier AI Models

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/ismg-editors-battle-over-access-to-frontier-ai-models-image_small-10-a-31644.jpg" align=right hspace=4><b>Also: Washington's AI Policy Divide, FDA's Push for AI-Driven Clinical Trials</b><br>In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfoldin

Bank Info Security