株式会社オブライト
Articles tagged "CVE"
1 article
Network & Infrastructure
2026-05-01
Linux Kernel "Copy Fail" (CVE-2026-31431) — Local Privilege Escalation Affecting Nearly Every Distro Since 2017, and Practical Mitigations
A summary of "Copy Fail" (CVE-2026-31431, CVSS 7.8), a Linux kernel local privilege escalation disclosed at the end of April 2026. The root cause is a 2017-era in-place optimization in algif_aead, allowing unprivileged local users to flip a setuid binary via the page cache. Upstream fixes revert in-place AEAD to out-of-place and ship in 6.18.22 / 6.19.12 / 7.0. This article walks through the scope, distro status, and practical mitigations (disabling the module, blocking AF_ALG via seccomp).
Linux
Security
CVE