High Severity Vulnerability in Linux Kernel
4 May 2026
A security update has been released to address a high severity vulnerability in the Linux kernel. Users and administrators of affected products are advised to update to the latest versions immediately.
Background
A security update has been released to address a local privilege escalation vulnerability (CVE-2026-31431) affecting the Linux kernel. This vulnerability, known as "Copy Fail", has a Common Vulnerability Scoring System (CVSS v3.1) score of 7.8 out of 10, and affects all major Linux distributions running kernel versions released since 2017.
Impact
Successful exploitation of this vulnerability could allow a local unprivileged attacker to write arbitrary bytes into the page cache of any readable file on the affected system, enabling privilege escalation to root. In containerised environments, threat actors may exploit the vulnerability to break out of container isolation and affect other tenants on the same host.
Known Exploitation
This vulnerability is being actively exploited in the wild. A proof of concept is publicly available.
Affected Products
The vulnerability affects almost all Linux distributions running kernels released since 2017, until patched versions are applied.
Mitigation
Users and administrators of affected products are advised to update to the latest kernel versions immediately.
References
https://nvd.nist.gov/vuln/detail/CVE-2026-31431
https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html
