Overview
A privilege escalation vulnerability has been discovered in Linux kernel versions 4.17 (released in 2018) and later. Many popular distributions and Linux-based containers are affected. This vulnerability was publicly disclosed on April 29, 2026, has been assigned CVE ID CVE-2026-31431, and is commonly referred to as “Copy Fail.”
Description
The Linux kernel, since version 4.17, includes the algif_aead module, which provides user space access to authenticated encryption with associated data (AEAD) operations via the AF_ALG socket interface. Depending on the distribution or custom-built kernel, this module may be a loadable kernel module or compiled directly into the kernel.
According to the https://copy.fail disclosure statement:
An unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root.
The vulnerability is caused by a logic flaw in the Linux kernel’s algif_aead (AF_ALG) implementation. An unprivileged local user can reliably perform a controlled 4-byte write into the page cache of any readable file without race conditions or timing dependencies.
Critically, the corrupted page is not marked dirty, so the modified contents are never written back to disk. The underlying file remains unchanged, allowing the in-memory corruption to bypass checksum and file integrity verification mechanisms that examine the on-disk contents. Because subsequent reads are served from the page cache, an attacker can target a setuid binary and modify its in-memory contents to achieve local privilege escalation to root. For the same reason the modification is transient: evicting the page from the cache, or rebooting, restores the original on-disk contents, so post-incident disk images will not show the tampering.
A 732-byte proof-of-concept Python script demonstrates exploitation by modifying a setuid binary to obtain root privileges on many Linux distributions released since 2018. This vulnerability was discovered by Taeyang Lee of Theori, with assistance from Theori's AI-based static application security testing (SAST) tool, Xint Code, during analysis of the Linux kernel cryptographic subsystem.
Impact
This vulnerability allows an unprivileged local user to modify the in-memory contents of a setuid binary and escalate privileges to root. Public proof-of-concept (PoC) exploit code is available, which increases the likelihood of exploitation.
Solution
Patch the Kernel
Apply the upstream kernel patch that addresses the issue by reverting AF_ALG AEAD to an out-of-place operation.
Update your distribution’s kernel package as soon as vendor patches become available. Most major Linux distributions are expected to release fixes through their standard update channels.
Workarounds (if patching is not immediately possible):
- Disable the algif_aead module (if loadable):
  echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf
  rmmod algif_aead 2>/dev/null
  This prevents the module from being loaded and removes it if already active. Note that rmmod fails, silently with the redirection above, if the module is currently in use; confirm afterwards that /sys/module/algif_aead no longer exists.
- If algif_aead is compiled into the kernel (not a loadable module), add the following kernel command-line parameter via grub, systemd-boot, or grubby, depending on your boot configuration:
  initcall_blacklist=algif_aead_init
  This prevents the module from initializing at boot time. A system reboot is required for this change to take effect.
Note: These workarounds may impact applications that rely on AF_ALG cryptographic interfaces.
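The two workarounds above depend on how algif_aead was built, and both are easy to apply without actually closing the hole (for example, rmmod refusing while the module is busy). The following script is an added example, not code from the advisory, from Theori, or from the kernel project. It classifies how algif_aead is present on a host, prints the matching workaround from the list above, and then checks the condition the exploit actually needs: whether an AEAD request over AF_ALG still succeeds. The state names, the outcome labels, and the paths read by detect_live() are this example's own assumptions; the bind to "aead" is what triggers loading of algif_aead, so the probe exercises the blacklist rather than just the AF_ALG core.

```python
"""Added example (not from the advisory, Theori, or the kernel project):
pick the Copy Fail workaround that fits a host and verify AEAD over AF_ALG
is no longer reachable afterwards."""
import errno
import os
import socket

AF_ALG = getattr(socket, "AF_ALG", 38)  # address family number 38 on Linux


def algif_aead_state(builtin_entries, sys_module_present, module_files):
    """Classify how algif_aead is present on a system.

    builtin_entries    : lines of /lib/modules/$(uname -r)/modules.builtin
    sys_module_present : whether /sys/module/algif_aead exists
    module_files       : file names found under /lib/modules/$(uname -r)
    """
    if any(e.strip().endswith("algif_aead.ko") for e in builtin_entries):
        return "builtin"        # compiled in: only initcall_blacklist helps
    if sys_module_present:
        return "loaded"         # loadable and currently active
    if any(n.startswith("algif_aead.ko") for n in module_files):
        return "available"      # loadable, not active; a bind() would autoload it
    return "absent"             # not built at all


def detect_live():
    """Gather the three inputs from the running system (assumed standard paths)."""
    moddir = os.path.join("/lib/modules", os.uname().release)
    builtin = os.path.join(moddir, "modules.builtin")
    entries = open(builtin).read().splitlines() if os.path.isfile(builtin) else []
    files = [n for _r, _d, names in os.walk(moddir) for n in names]
    return algif_aead_state(entries, os.path.isdir("/sys/module/algif_aead"), files)


def workaround_for(state):
    """Commands from the advisory that match the detected state, one per list entry."""
    if state == "builtin":
        return [
            "# compiled in: add to the kernel command line (grub/systemd-boot/grubby), then reboot",
            "initcall_blacklist=algif_aead_init",
        ]
    if state in ("loaded", "available"):
        return [
            "# loadable: block future loads, then unload if active",
            'echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf',
            "rmmod algif_aead 2>/dev/null",
            "# rmmod fails silently while the module is in use; re-run the probe",
        ]
    return ["# algif_aead not present; still apply the kernel patch"]


def classify_probe(stage, err):
    """Interpret the errno from the socket()/bind() probe (None means it succeeded)."""
    if err is None:
        return "reachable"      # AEAD over AF_ALG works: the exploit precondition holds
    if stage == "socket" and err == errno.EAFNOSUPPORT:
        return "unavailable"    # AF_ALG core not built or not loaded
    if stage == "bind" and err == errno.ENOENT:
        return "unavailable"    # "aead" type unregistered (algif_aead blocked) or cipher missing
    if err in (errno.EPERM, errno.EACCES):
        return "denied"         # seccomp or an LSM refused it (container mitigations)
    return "unknown"


def probe_af_alg_aead(alg_name="gcm(aes)"):
    """Open an AF_ALG socket and bind it to an AEAD; the bind is what loads algif_aead."""
    try:
        s = socket.socket(AF_ALG, socket.SOCK_SEQPACKET, 0)
    except OSError as e:
        return classify_probe("socket", e.errno)
    try:
        s.bind(("aead", alg_name))
    except OSError as e:
        return classify_probe("bind", e.errno)
    finally:
        s.close()
    return classify_probe("bind", None)


if __name__ == "__main__":
    state = detect_live()
    print("algif_aead:", state)
    print("\n".join(workaround_for(state)))
    print("AEAD over AF_ALG is", probe_af_alg_aead())
```

Run it as the unprivileged user you are worried about, before and after applying the workaround: "reachable" means the exploit's precondition still holds, "unavailable" means the blacklist is in effect (or the kernel was built without the AEAD user API), and "denied" means a seccomp or LSM policy intervened before the kernel saw the request.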
Mitigation for containers
For containerized environments, where this vulnerability may be leveraged for container escape, consider applying one or more of the following mitigations:
- Secure computing (seccomp) filtering: Restrict or deny system calls that create sockets with the AF_ALG address family (address family number 38).
- AppArmor policies: Use AppArmor to block creation of AF_ALG sockets via the network alg rule.
- eBPF-based enforcement: Deploy BPF-based controls to deny socket creation with address family AF_ALG (38).
This guidance is adapted from that published by ByteDance for the vArmor community.
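As an added example (not from the advisory, ByteDance, vArmor, Docker, or the kernel project), the following script produces the seccomp artifact from the first bullet and a checker for it. The profile follows the OCI runtime-spec seccomp JSON that Docker and containerd accept: it makes socket() return EPERM whenever the first argument is address family 38 (AF_ALG), leaving other address families untouched. The function and file names are this example's own, and the x86_64/aarch64 architecture list is an assumption to adjust for your fleet.

```python
"""Added example (not from the advisory, ByteDance/vArmor, Docker, or the kernel):
emit and validate a seccomp profile that denies AF_ALG sockets inside containers."""
import errno
import json

AF_ALG = 38  # address family number of AF_ALG on Linux
# Actions that stop the syscall before the kernel sees it.
DENY_ACTIONS = {"SCMP_ACT_ERRNO", "SCMP_ACT_KILL", "SCMP_ACT_KILL_PROCESS",
                "SCMP_ACT_KILL_THREAD", "SCMP_ACT_TRAP"}


def seccomp_profile_denying_af_alg(architectures=("SCMP_ARCH_X86_64", "SCMP_ARCH_AARCH64"),
                                   ret_errno=errno.EPERM):
    """Minimal profile: allow everything, fail socket(AF_ALG, ...) with ret_errno.

    Only the socket() syscall is matched; on 32-bit x86 the legacy socketcall()
    multiplexer is not covered, so that architecture is not listed by default.
    """
    return {
        "defaultAction": "SCMP_ACT_ALLOW",
        "architectures": list(architectures),
        "syscalls": [
            {
                "names": ["socket"],
                "action": "SCMP_ACT_ERRNO",
                "errnoRet": ret_errno,
                "args": [{"index": 0, "value": AF_ALG, "op": "SCMP_CMP_EQ"}],
            }
        ],
    }


def profile_json(profile):
    """Serialize a profile dict in the form a container runtime reads."""
    return json.dumps(profile, indent=2)


def load_profile(text):
    """Parse profile JSON back into a dict (for checking an existing profile)."""
    return json.loads(text)


def profile_blocks_af_alg(profile):
    """True if the profile prevents socket() from succeeding when arg0 == AF_ALG.

    Two ways to qualify: an explicit deny rule for socket with arg0 == 38, or a
    denying default action with no rule that allows socket at all.
    """
    socket_allowed = False
    for rule in profile.get("syscalls", []):
        if "socket" not in rule.get("names", []):
            continue
        if rule.get("action") == "SCMP_ACT_ALLOW":
            socket_allowed = True
            continue
        if rule.get("action") not in DENY_ACTIONS:
            continue
        for arg in rule.get("args", []):
            if (arg.get("index") == 0 and arg.get("op") == "SCMP_CMP_EQ"
                    and arg.get("value") == AF_ALG):
                return True
    return profile.get("defaultAction") in DENY_ACTIONS and not socket_allowed


if __name__ == "__main__":
    path = "seccomp-no-alg.json"  # assumed output name
    with open(path, "w") as f:
        f.write(profile_json(seccomp_profile_denying_af_alg()))
    print(f"wrote {path}; apply with: docker run --security-opt seccomp={path} ...")
```

When merging this rule into a runtime's default profile that already allows socket() without argument checks, re-check the merged file with profile_blocks_af_alg and then confirm from inside a container that creating an AF_ALG socket fails with EPERM; a static check cannot tell you how the runtime's libseccomp resolved the two socket rules. The AppArmor alternative from the second bullet is a single rule, deny network alg, added to the container's profile, and deny rules in AppArmor take precedence over a broader network allow rule.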
Note on Virtualization
While the guest kernel inside a virtual machine (VM) or microVM is susceptible to this vulnerability, standard virtualization provides hardware-enforced memory isolation. This bug cannot be directly leveraged to escape from a guest to the host. Virtualization and micro-virtualization technologies contain the impact to the individual VM instance, protecting the host kernel and neighboring tenants from guest-originated attacks; the guest itself still needs to be patched.
Acknowledgements
This vulnerability was disclosed by the Theori.io research group. This document was written by Bob Kemerer and Vijay Sarvepalli.
