U.S. government warns of severe CopyFail bug affecting major versions of Linux

CopyFail (CVE-2026-31431) is a widespread Linux kernel vulnerability disclosed in late March that corrupts kernel memory when certain data is not copied, allowing a local, unprivileged user to escalate to full root. Public exploit code has been released and the flaw is reported as being exploited in the wild; it affects most modern distributions (including RHEL, Ubuntu, Amazon Linux, SUSE, Debian, Fedora and Kubernetes environments). Although not remotely exploitable on its own, CopyFail can be chained with network-facing bugs or delivered via social engineering or supply-chain compromises, prompting CISA to order federal patching.