Copy Fail (Linux CVE)

External Image Xint

Copy Fail — 732 Bytes to Root

CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.

Most Linux LPEs need a race window or a kernel-specific offset. Copy Fail is a straight-line logic flaw — it needs neither. The same 732-byte Python script roots every Linux distribution shipped since 2017.

This is another exploit found with AI assistance. I hope this treasure trove of exploits will be patched and empty before black hat hackers start using these advanced AI models to find and exploit unknown vulnerabilities.

At the same time, I fear that these advanced AI models will be locked behind a paywall. And if only a few companies have direct access to these models (e.g. OpenAI, Anthropic) then they would wield too much power in the cybersecurity landscape. This could create a world where software cannot be trusted if it isn’t audited using advanced AI.