Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers

A critical Linux kernel local privilege escalation (CVE-2026-31431, “CopyFail”) and a publicly released exploit script enable reliable root escalation across many kernel releases by exploiting a crypto API logic error that writes four bytes past a destination buffer. Although patches were issued for multiple kernel lines, many distributions had not yet incorporated fixes at disclosure time, leaving shared infrastructure — containers, multi-tenant hosts, CI/CD jobs, and personal devices — at significant risk of full compromise.