Threat actors are exploiting a vulnerability in the Linux Kernel tracked as CVE-2026-31431. Named Copy Fail, it’s a critical Linux kernel local privilege escalation vulnerability that allows unprivileged users to gain root by corrupting the page cache of setuid binaries via the AF_ALG crypto API. The vulnerability was discovered and reported by Theori and Xint. CISA also acknowledged the active exploitation of the vulnerability … Continue reading “Linux Kernel Vulnerability Exploited in the Wild (Copy Fail) (CVE-2026-31431)”
Tag: Linux Kernel
Linux Kernel ePBF Local Privilege Escalation Vulnerability (CVE-2020-8835)
The Linux kernel was reported with out-of-bounds reads and writes vulnerability due to lack of calculation in register bounds of ePBF code. Using this vulnerability (CVE-2020-8835), a local authenticated user can exploit and expose sensitive information resulting in high data loss. In ZDI’s Pwn2own competition, Manfred Paul demonstrated the flaw in the bpf verifier for … Continue reading “Linux Kernel ePBF Local Privilege Escalation Vulnerability (CVE-2020-8835)”