Linux distributions mitigation advisories for CVE-2026-31431
Advisory/Mitigation
Summary
Multiple Linux distributions released advisories for CVE-2026-31431, adding mitigation guidance for a Linux kernel local privilege escalation that can let an unprivileged local user gain root. The response covers AlmaLinux, Amazon Linux, Arch Linux, CloudLinux, Debian, Gentoo, Red Hat Enterprise Linux, SUSE, and Ubuntu. The disclosures center on Copy Fail in the kernel's algif_aead module, a flaw with cross-container implications because the page cache is shared across processes.
Related Happenings
LiteSpeed User-End cPanel Plugin root script execution security flaw (CVE-2026-48172)
Vulnerability
First: 23.05.2026 10:35
Last: 23.05.2026 10:35
Sources 1
About this happening:
**CVE-2026-48172** in the **LiteSpeed User-End cPanel Plugin** is now **actively exploited**, creating **root-level arbitrary script execution** risk for exposed cPanel systems. T...
Linux kernel improper privilege management flaw (CVE-2026-46333)
Vulnerability
First: 21.05.2026 10:35
Last: 21.05.2026 10:35
Sources 1
About this happening:
A **Linux kernel** privilege-management flaw, **CVE-2026-46333**, can let **unprivileged local users** on **Debian, Fedora, and Ubuntu** disclose **/etc/shadow** and **SSH host ke...
Linux kernel RDS PinTheft local privilege escalation flaw (public PoC)
Vulnerability
First: 20.05.2026 13:52
Last: 20.05.2026 13:52
Sources 1
About this happening:
**PinTheft** now has a **public PoC exploit**, turning a recently patched **Linux kernel RDS** flaw into a practical **local privilege escalation** risk for **Arch Linux** systems...
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Linux kernel rxgk local DirtyDecrypt/DirtyCBC privilege-escalation flaw (CVE-2026-31635)
Vulnerability
First: 18.05.2026 10:18
Last: 18.05.2026 10:18
Sources 1
About this happening:
A **proof-of-concept exploit** has been released for **DirtyDecrypt/DirtyCBC** (**CVE-2026-31635**), a **recently patched Linux kernel** flaw in **rxgk_decrypt_skb()** that can en...
Timeline
30.04.2026 12:24 2 articles · 27d ago
Linux distributions issue CVE-2026-31431 advisories
Mitigation Patch Update
Multiple Linux distributions, including Amazon Linux, Red Hat Enterprise Linux, SUSE, and Ubuntu, issued advisories for CVE-2026-31431, also called Copy Fail, a Linux kernel local privilege escalation flaw in algif_aead that can let an unprivileged local user write four controlled bytes into the page cache of a readable file, corrupt a setuid binary, and gain root; the same primitive also affects cross-container isolation because the page cache is shared across processes.
- New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions — thehackernews.com — 30.04.2026 12:24
- Exploitation of ‘Copy Fail’ Linux Vulnerability Begins — www.securityweek.com — 04.05.2026 13:42