Cybersecurity firm Xint has discovered a critical Linux kernel vulnerability, dubbed "Copy Fail" (CVE-2026-31431), hiding in plain sight since 2017. Using AI-assisted scanning, researcher Tim Becker found a logic flaw in the kernel's cryptography system that lets any unprivileged local user gain full root access — reliably, 100% of the time, with just 10 lines of exploit code.
The bug affects every Linux distribution and leaves zero disk traces, clearing itself on reboot. Real-world risks include Kubernetes container escapes and CI/CD pipeline compromises. A patch is already available. Older, unpatched systems predating 2017 are ironically unaffected.
Source: Dark Reading