Linux Copy Fail zero-day enables privilege escalation
ID: 8e45620b-a49f-51cb-a07f-635b8396f8df
STIX ID: report--8e45620b-a49f-51cb-a07f-635b8396f8df
Feed Name: ThreatLocker Blog
A high-severity Linux kernel zero-day (CVE-2026-31431, "Copy Fail") enables local privilege escalation. The flaw causes a 4-byte out-of-bounds write during AF_ALG AEAD in-place decryption, which corrupts page-cache-backed executable pages and allows an unprivileged user to escalate to root on many major Linux distributions dating back to 2017. The report includes an analysis, a small exploit demonstration, and mitigations such as applying the upstream patches or unloading/disabling the algif_aead module, and recommends Zero Trust controls and application allowlisting to block exploitation.
