"The vulnerability, known as Copy Fail and registered as CVE-2026-31431, resides in a cryptographic component of the kernel. Researchers at Theori discovered that a user without special privileges can make limited modifications to the so-called page cache of files."
"What makes the problem particularly concerning is that this manipulation occurs outside the scope of standard security measures. The kernel uses the page cache when loading programs, allowing a modified version of a file to be executed undetected."
"Although the vulnerability cannot be exploited directly from a remote location, it can be used as part of a broader attack chain. Systems with multiple active users or those running containers with a shared kernel are particularly at risk."
A vulnerability in the Linux kernel, known as Copy Fail (CVE-2026-31431), allows local users to elevate their privileges to root level. Discovered by Theori, this issue resides in a cryptographic component and enables users to modify the page cache of files. This manipulation occurs outside standard security measures, making detection difficult. The vulnerability can be exploited easily with a short script, posing risks in environments with multiple users or shared kernels, particularly in container setups like Kubernetes.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]