Copy Fail Linux kernel flaw lets unprivileged local users gain root across major distros and shared-host environments

The article details CVE-2026-31431, dubbed Copy Fail, a Linux kernel vulnerability affecting kernels built from 2017 until the patch. The exploit reportedly works unmodified across major distributions and lets an unprivileged local account gain root without network access or special kernel features.

The biggest risk is for multi-tenant Linux environments such as Kubernetes clusters, CI runners, shared dev boxes, and SaaS platforms that execute user-supplied code. The case highlights how default-enabled kernel subsystems can create broad cross-distro exposure when a bug affects shared host resources.

Copy Fail – CVE-2026-31431