CVE-2026-31431
This repository is a defensive research workspace for studying the Linux
copy_fail vulnerability tracked as CVE-2026-31431.
The goal of this repository is to preserve analysis notes, document impact, and support safe local assessment. It is not intended to provide a turnkey exploit or post-exploitation workflow.
reports/CVE-2026-31431_Copy_Fail_Report.md- English vulnerability report.code/safe_assessment.py- Non-destructive local exposure assessment helper.
Do not run exploit code on systems you do not own or administer. For local
testing, prefer an isolated virtual machine or disposable lab host. The helper in
code/safe_assessment.py performs read-only checks and does not attempt to
trigger memory corruption, overwrite files, spawn a shell, or modify system
state.
Caution
You need to understand what you are doing before running copy_fail_exp.py. You are solely responsible for the consequences of running this script. Do not run this script on unauthorized computer devices, as this will have unforeseen legal consequences. This code is for educational purposes, technical research, and security testing only; please do not use it for illegal purposes.
Source of copy_fail_exp.py:theori-io/copy-fail-CVE-2026-31431/copy_fail_exp.py
Run the safe assessment helper:
python3 code/safe_assessment.pyThe helper reports kernel metadata, whether AF_ALG appears available to the
current Python runtime, and whether potentially relevant kernel crypto
algorithms are visible in /proc/crypto.
- Inventory affected Linux hosts and record kernel release strings.
- Check vendor advisories for fixed kernel packages.
- Prioritize patching systems where untrusted local users can execute code.
- Restrict shell access and container escape surfaces while patching.
- Monitor for unexpected privileged process launches and suspicious use of AF_ALG sockets from untrusted user contexts.
Public vulnerability names and CVE metadata can change as advisories are updated. Treat this repository as a working research artifact and refresh the report before external publication.
Useful public references: