I’m a bit surprised they did not wait till a patch was available for the major distros.

dermolly@toot.kif.rocks

I’m a bit surprised they did not wait till a patch was available for the major distros. Smells like an IPO or the next round of funding is coming soon.

You probably want to keep a close eye on any system you maintain where unprivileged users have shell access and update as soon as possible.

Copy Fail — 732 Bytes to Root

Copy Fail (CVE-2026-31431): a 732-byte Linux LPE — straight-line, no race, no per-distro offsets. Same Python script roots Ubuntu, Amazon Linux, RHEL, SUSE since 2017. Page-cache write bypasses on-disk file-integrity tools and crosses container boundaries. Found by Xint Code.

Xint (copy.fail)

CVE-2026-31431

(security-tracker.debian.org)

CVE-2026-31431 | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

Ubuntu (ubuntu.com)

CVE-2026-31431 Common Vulnerabilities and Exposures | SUSE

Secure your Linux systems from CVE-2026-31431. Stay ahead of potential threats with the latest security updates from SUSE.

(www.suse.com)

#copyfail