Copy Fail: The 732-Byte Script That Roots Every Major Linux Systems
A high-severity Linux kernel vulnerability, dubbed 'Copy Fail' (CVE-2026-31431), allows unprivileged users to gain root access on nearly every major Linux distribution since 2017. The vulnerability is exploitable via a 732-byte Python script that corrupts the in-memory version of a setuid binary.
A major flaw in the Linux kernel, known as 'Copy Fail' (CVE-2026-31431), grants root access on major Linux distributions since 2017. The vulnerability is a straight-line logic flaw, making it 100% reliable. It uses a tiny 732-byte Python script to gain full root access by targeting the Page Cache (RAM). The exploit corrupts the in-memory version of a setuid binary, such as `/usr/bin/su`, allowing attackers to gain root access without needing a password. The bug is already fixed in Linux Kernel 6.18.22, 6.19.12, and 7.0 versions. Users running older Kernels must update them to prevent exploitation.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.