Linux distributions mitigation advisories for CVE-2026-31431
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Multiple Linux distributions released advisories for CVE-2026-31431, adding mitigation guidance for a Linux kernel local privilege escalation that can let an unprivileged local user gain root. The response covers AlmaLinux, Amazon Linux, Arch Linux, CloudLinux, Debian, Gentoo, Red Hat Enterprise Linux, SUSE, and Ubuntu. The disclosures center on Copy Fail in the kernel's algif_aead module, a flaw with cross-container implications because the page cache is shared across processes.
Related Happenings
Linux kernel GhostLock root privilege escalation (CVE-2026-43499)
Vulnerability
H score28
First: 08.07.2026 09:16
Last: 08.07.2026 09:16
Sources 1
About this happening:
Researchers disclosed **GhostLock (CVE-2026-43499)**, a **Linux kernel** use-after-free that can let a **logged-in local user** gain **full root control** on unpatched systems. Th...
Linux kernel GhostLock root privilege escalation (CVE-2026-43499)
VulnerabilityAbout this happening: Researchers disclosed **GhostLock (CVE-2026-43499)**, a **Linux kernel** use-after-free that can let a **logged-in local user** gain **full root control** on unpatched systems. Th...
Linux kernel Bad Epoll use-after-free privilege-escalation flaw (CVE-2026-46242)
Vulnerability
H score23
First: 03.07.2026 22:40
Last: 03.07.2026 22:40
Sources 1
About this happening:
**Bad Epoll (CVE-2026-46242)** is a newly disclosed **Linux kernel** use-after-free flaw that can let an **unprivileged local user** gain **root** on affected systems. It affects...
Linux kernel Bad Epoll use-after-free privilege-escalation flaw (CVE-2026-46242)
VulnerabilityAbout this happening: **Bad Epoll (CVE-2026-46242)** is a newly disclosed **Linux kernel** use-after-free flaw that can let an **unprivileged local user** gain **root** on affected systems. It affects...
Progress LoadMaster CVE-2026-8037 patch release
Security Patch Release
H score52
First: 30.06.2026 10:38
Last: 30.06.2026 10:38
Sources 1
About this happening:
**Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...
Progress LoadMaster CVE-2026-8037 patch release
Security Patch ReleaseAbout this happening: **Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...
Progress Kemp LoadMaster pre-auth command injection (CVE-2026-8037)
Vulnerability
H score49
First: 30.06.2026 10:38
Last: 30.06.2026 10:38
Sources 1
About this happening:
**CVE-2026-8037** gives **Progress Kemp LoadMaster** with the **API enabled** a **pre-auth command injection** path that can run **root commands** on affected appliances. A **patc...
Progress Kemp LoadMaster pre-auth command injection (CVE-2026-8037)
VulnerabilityAbout this happening: **CVE-2026-8037** gives **Progress Kemp LoadMaster** with the **API enabled** a **pre-auth command injection** path that can run **root commands** on affected appliances. A **patc...
Linux kernel act_pedit out-of-bounds write security flaw (CVE-2026-46331)
Vulnerability
H score30
First: 26.06.2026 16:00
Last: 26.06.2026 16:00
Sources 1
About this happening:
A **Linux kernel** traffic-control flaw, **CVE-2026-46331**, lets a **local unprivileged user** gain **root** by abusing an **out-of-bounds write** in **act_pedit**. A **public wo...
Linux kernel act_pedit out-of-bounds write security flaw (CVE-2026-46331)
VulnerabilityAbout this happening: A **Linux kernel** traffic-control flaw, **CVE-2026-46331**, lets a **local unprivileged user** gain **root** by abusing an **out-of-bounds write** in **act_pedit**. A **public wo...
Timeline
-
30.04.2026 12:24 2 articles · 2mo ago
Linux distributions issue CVE-2026-31431 advisories
Mitigation Patch UpdateMultiple Linux distributions, including Amazon Linux, Red Hat Enterprise Linux, SUSE, and Ubuntu, issued advisories for CVE-2026-31431, also called Copy Fail, a Linux kernel local privilege escalation flaw in algif_aead that can let an unprivileged local user write four controlled bytes into the page cache of a readable file, corrupt a setuid binary, and gain root; the same primitive also affects cross-container isolation because the page cache is shared across processes.
Show sources
- New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions — thehackernews.com — 30.04.2026 12:24
- Exploitation of ‘Copy Fail’ Linux Vulnerability Begins — www.securityweek.com — 04.05.2026 13:42