Find notable cyber news and cases, enriched with sources, timelines, and signals.

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
First reported
Last updated
Happening score
H score 39
1 unique sources, 2 articles

Summary

Hide ▲

Linux kernel maintainers have fixed CVE-2026-31431 and are rolling out updates to close a local privilege escalation flaw that lets an unprivileged attacker gain root on vulnerable kernels released since 2017. The upstream fix reverted the problematic “in-place” crypto behavior that enabled the Copy Fail issue. Patched builds are available in 6.18.22, 6.19.12, and 7.0, and major distributions are already pushing the update. The release matters because a public proof-of-concept exploit emerged alongside the fix, increasing pressure to patch exposed systems quickly.

Related Happenings

Linux kernel maintainers security patch release for CVE-2026-43503

Security Patch Release
H score34 First: 26.06.2026 14:51 Last: 26.06.2026 14:51 Sources 1

About this happening: **Linux kernel** merged and shipped the **DirtyClone** security fix for **CVE-2026-43503**, closing a **CVSS 8.8** local privilege-escalation path that could let affected systems...

Google Vertex AI SDK for Python security patch release (1.144.0–1.148.0)

Security Patch Release
H score15 First: 16.06.2026 22:05 Last: 16.06.2026 22:05 Sources 1

About this happening: Google released staged fixes for **Google Cloud Vertex AI SDK for Python**, closing a **bucket-squatting** path that could hijack model uploads and enable code execution in Google...

LiteLLM v1.83.14-stable security fix release (multiple vulnerabilities)

Security Patch Release
H score42 First: 15.06.2026 19:39 Last: 15.06.2026 19:39 Sources 1

About this happening: **BerriAI** shipped **LiteLLM v1.83.14-stable** to close a **three-CVE chain** that could let a low-privilege proxy user reach **full admin** and **run code on the server**. The u...

Langflow security patch release for CVE-2026-5027

Security Patch Release
H score38 First: 11.06.2026 00:23 Last: 11.06.2026 00:23 Sources 1

About this happening: **Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...

Ivanti Sentry patch release for CVE-2026-10520 and CVE-2026-10523

Security Patch Release
H score54 First: 10.06.2026 09:26 Last: 10.06.2026 09:26 Sources 1

About this happening: **Ivanti** released a **patch bundle** for **Sentry** after identifying **two critical vulnerabilities** in the secure mobile gateway appliance, including **CVE-2026-10520** and *...

Timeline

  1. 30.04.2026 03:00 1 articles · 2mo ago

    Public Copy Fail proof-of-concept exploit emerges

    Technical Analysis Update

    Technical details and a 732-byte Python-based proof-of-concept exploit for Copy Fail emerged publicly on the previous day, showing how unprivileged local attackers can combine AF_ALG and `splice()` to perform a controlled 4-byte write in the page cache and gain root on vulnerable Linux distributions such as Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, and SUSE 16.

    Show sources
  2. 30.04.2026 03:00 1 articles · 2mo ago

    Interim AF_ALG mitigation guidance for vulnerable Linux systems

    Mitigation Patch Update

    Researchers advised operators of vulnerable Linux hosts to disable AF_ALG socket creation or unload the `algif_aead` module until kernel updates are installed, and to prioritize multi-tenant Linux hosts, Kubernetes/container clusters, CI runners/build farms, and cloud SaaS running user code.

    Show sources
  3. 01.04.2026 03:00 2 articles · 3mo ago

    Upstream Linux kernel fix for CVE-2026-31431

    Mitigation Patch Update

    Linux kernel maintainers reverted the problematic 'in-place' crypto behavior introduced in Linux kernel version 4.14 in 2017, and fixed builds for CVE-2026-31431 became available in 6.18.22, 6.19.12, and 7.0 on April 1.

    Show sources
  4. 23.03.2026 02:00 1 articles · 3mo ago

    Theori discloses Copy Fail to Linux kernel security team

    Initial Disclosure

    Theori discovered CVE-2026-31431, dubbed Copy Fail, after using its Xint Code platform to scan the Linux crypto subsystem for about an hour, then reported the finding to the Linux kernel security team on March 23.

    Show sources