Linux Kernel "Copy Fail" Zero-Day (CVE-2026-31431): Root on Every Major Distro Since 2017
⚠️ Active Threat — Publicly Disclosed April 29, 2026. Working exploit code is public. Every unpatched Linux system running kernel 4.14 through 6.17 is affected. Check your kernel version now. See mitigation steps below. What Is “Copy Fail”? CVE-2026-31431, dubbed “Copy Fail” by the researchers who found it, is a local privilege escalation vulnerability in the Linux kernel’s cryptographic subsystem. CVSS score: 7.8. The practical impact: any local user — no special permissions required — can get a root shell on an unpatched system. Reliable, deterministic, no kernel offsets needed, no brute force, no KASLR bypass. ...