Copy Fail: The Hidden Linux Vulnerability You Must Know
A logic bug buried in the Linux kernel's cryptographic subsystem for nearly a decade can be exploited by any unprivileged local user to gain full root access — and the proof-of-concept exploit fits in a 732-byte Python script.
Security firm Theori and its AI-powered auditing tool Xint Code publicly disclosed the vulnerability, dubbed "Copy Fail" (CVE-2026-31431), on Wednesday, April 29. The flaw carries a CVSS score of 7.8 and affects virtually every major Linux distribution shipped since 2017, including Ubuntu, Amazon Linux, RHEL, and SUSE. Patches have been released by major distributions, and the mainline Linux kernel fix was committed on April 1.
Inside the Bug
The root cause traces to a 2017 optimization in algif_aead.c that made AEAD cryptographic operations run in-place. When combined with the splice() system call, that optimization causes page cache pages — the kernel's cached copies of on-disk files — to end up in a writable scatterlist. The authencesn AEAD algorithm then writes four bytes of scratch data into those pages as part of its normal decrypt path.
An attacker controls which file is targeted, the exact offset within it, and the value of the four bytes written. The default exploit targets /usr/bin/su, a setuid-root binary available on every tested distribution. After the page cache is modified, invoking su hands the attacker a root shell. The on-disk file remains untouched, meaning integrity monitoring tools like AIDE or dm-verity see nothing.
Unlike Dirty Pipe (CVE-2022-0847), the 2022 page-cache vulnerability to which Copy Fail has been compared, this exploit involves no race condition and requires no kernel-specific offsets. As SUSE noted in its advisory, it "does not require complex race conditions and works with 100% reliability via a tiny script".
AI-Assisted Discovery
Perhaps as notable as the vulnerability itself is how it was found. According to Theori's disclosure, Xint Code — the firm's AI vulnerability-scanning system — surfaced the flaw after roughly one hour of automated analysis of the Linux crypto/ subsystem, with "one operator prompt, no harnessing". Theori, a nine-time DEF CON CTF champion and DARPA AI Cyber Challenge finalist, published the full proof-of-concept on GitHub alongside the disclosure.
Bugcrowd's Casey Ellis wrote that the discovery suggests "the cost of finding deep logic flaws may have dropped by something like an order of magnitude," warning that organizations whose threat models treat kernel privilege-escalation bugs as rare may have "weeks to update that — not years".
Patching and Mitigation
The fix, mainline commit a664bf3d603d, reverts the 2017 in-place optimization so page-cache pages no longer enter the writable scatterlist. Administrators who cannot patch immediately are advised to blacklist the algif_aead kernel module, a step Theori says will have no measurable impact on most systems since the vast majority of Linux cryptographic operations do not use the AF_ALG userspace interface. For containerized and CI environments running untrusted code, blocking AF_ALG socket creation via seccomp is recommended regardless of patch status.
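A defender-side illustration of the two stopgaps described above, written as an added shell example; it is not code from Theori's disclosure or from any distribution advisory. It assumes the standard modprobe.d directive syntax, that loaded modules are listed in /proc/modules, the Docker/containerd seccomp profile JSON layout, and that AF_ALG is address family 38 with EAFNOSUPPORT being errno 97 on Linux; the file names disable-algif_aead.conf and seccomp-no-af_alg.json are my own choices.

```shell
#!/bin/sh
# Added example: interim mitigations for CVE-2026-31431 ("Copy Fail") on hosts
# that cannot yet take the kernel patch. Assumed: modprobe.d syntax, /proc/modules
# format, Docker-style seccomp JSON, AF_ALG == 38, EAFNOSUPPORT == 97.
set -eu

# Return 0 if kernel module $1 appears in the module list $2 (default /proc/modules).
module_loaded() {
    mod="$1"
    modfile="${2:-/proc/modules}"
    [ -r "$modfile" ] || return 1
    grep -q "^${mod} " "$modfile"
}

# Write a modprobe.d drop-in that keeps algif_aead from being loaded.
# "blacklist" stops alias-driven autoload; "install ... /bin/false" makes any
# modprobe request for the module (including kernel-initiated ones) fail.
# $1 = config path (default /etc/modprobe.d/disable-algif_aead.conf, an assumed name).
write_blacklist() {
    conf="${1:-/etc/modprobe.d/disable-algif_aead.conf}"
    cat > "$conf" <<'EOF'
# CVE-2026-31431 mitigation: do not load the AF_ALG AEAD interface module.
blacklist algif_aead
install algif_aead /bin/false
EOF
    printf 'wrote %s\n' "$conf"
}

# Verify that a drop-in contains both directives exactly.
blacklist_ok() {
    grep -qx 'blacklist algif_aead' "$1" && grep -qx 'install algif_aead /bin/false' "$1"
}

# Write a minimal seccomp profile that makes socket(AF_ALG, ...) fail with
# EAFNOSUPPORT (97). AF_ALG is address family 38 on Linux. This is a standalone
# profile for clarity; in production merge the rule into the runtime's default profile.
# $1 = output path (default /etc/docker/seccomp-no-af_alg.json, an assumed name).
write_seccomp() {
    out="${1:-/etc/docker/seccomp-no-af_alg.json}"
    cat > "$out" <<'EOF'
{
  "defaultAction": "SCMP_ACT_ALLOW",
  "syscalls": [
    {
      "names": ["socket"],
      "action": "SCMP_ACT_ERRNO",
      "errnoRet": 97,
      "args": [
        { "index": 0, "value": 38, "op": "SCMP_CMP_EQ" }
      ]
    }
  ]
}
EOF
    printf 'wrote %s\n' "$out"
}

# Stand-alone run: report module state, then write both files. Without --apply
# the files go to a scratch directory so the output can be reviewed first.
if module_loaded algif_aead; then
    echo "algif_aead is currently loaded; blacklisting alone does not unload it (rmmod or reboot needed)"
else
    echo "algif_aead is not loaded (or /proc/modules is unreadable here)"
fi
if [ "${1:-}" = "--apply" ]; then
    write_blacklist
    write_seccomp
else
    scratch=$(mktemp -d)
    write_blacklist "$scratch/disable-algif_aead.conf"
    write_seccomp "$scratch/seccomp-no-af_alg.json"
    echo "dry run: review the files in $scratch, then re-run as root with --apply"
fi
```

Run it once without arguments to inspect the generated files, then with `--apply` as root. Containers started with `--security-opt seccomp=<profile>` will see socket(AF_ALG, ...) return EAFNOSUPPORT whether or not the host module is loaded, which is why the seccomp rule is worth keeping even after patching.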
