TL;DR: CVE-2026-31431 (Copy Fail) is a high-severity local privilege escalation vulnerability in the Linux kernel's
algif_aeadmodule, affecting kernels built since 2017. A public proof-of-concept (PoC) exploit — roughly 732 bytes of Python — reliably escalates an unprivileged local user to root across all major distributions. A related technique, DirtyFrags, targets a separate Linux subsystem and achieves similar outcomes. For automotive OEMs and Tier 1 suppliers, both vulnerabilities are operationally significant: modern vehicles rely heavily on embedded Linux, and the deterministic, repeatable nature of these exploits makes them practical tools for post-access privilege escalation within connected vehicle architectures.
CVE-2026-31431, disclosed on April 29, 2026, by researchers at Theori and Xint, is a local privilege escalation (LPE) vulnerability in the Linux kernel's cryptographic subsystem. The flaw originates from an in-place optimization introduced in 2017 (kernel commit 72548b093ee3), which allows page-cache pages to be placed into a writable destination scatterlist. By chaining an AF_ALG socket operation with the splice() system call, an unprivileged local user can perform a controlled 4-byte write into the page cache of any readable file — including setuid binaries such as /usr/bin/su — without modifying the on-disk file. Executing the corrupted in-memory binary yields a root shell.
The exploit is not remotely triggered in isolation. It requires an initial foothold — local shell access, a container escape, a compromised CI job, or a prior vulnerability in an exposed service. Once that foothold exists, Copy Fail elevates any unprivileged user to root in seconds, across distributions, without race conditions or crash-prone timing windows.
This is what makes Copy Fail operationally significant: unlike many privilege-escalation vulnerabilities that depend on probabilistic memory corruption or fragile timing, Copy Fail is a straight-line logic flaw. It is deterministic, reliable, and distribution-agnostic.
The upstream fix — mainline commit a664bf3d603d, which reverts the 2017 optimization — was committed on April 1, 2026. As of the date of this publication, vendor patches remain pending or partially available across major distributions. The National Vulnerability Database entry for CVE-2026-31431 and CERT-EU Security Advisory 2026-005 provide current patch status by distribution.
Understanding Copy Fail
The following table summarizes the key vulnerability attributes for CVE-2026-31431.
| Vulnerability | CVE-2026-31431 (Copy Fail) |
| CVSS score | 7.8 (High) |
| Vulnerability type | Local privilege escalation (AV:L/PR:L) |
| Attack vector | Local code execution by an unprivileged user (PR:L) |
| Brief technical description | A flaw in the Linux kernel’s crypto subsystem allows an attacker to corrupt the page cache of readable files, including setuid binaries. Attackers can abuse this behavior to execute code with root privileges and escalate access on affected systems. |
How the exploit works
The algif_aead module exposes the kernel's authenticated encryption with associated data (AEAD) ciphers to userspace via AF_ALG sockets. The 2017 optimization that introduced the flaw allowed the kernel to reuse source memory as the destination during in-place cryptographic operations. This behavior inadvertently extends the output scatterlist into chained page-cache pages.
The public PoC chains three primitives:
Bind an
AF_ALGsocket to theauthencesn(hmac(sha256),cbc(aes))algorithm.Use
splice()to pull page-cache pages of/usr/bin/suinto the cryptographic pipeline.Issue a
recvmsg()call whose additional authenticated data (AAD) bytes supply the 4-byte value to be written into the target page.
The HMAC verification fails as expected — but the 4-byte corruption persists in the page cache. Repeating this primitive at successive offsets stages shellcode into the cached pages of /usr/bin/su. Running su afterward executes the corrupted in-memory binary and yields a root shell.
Key security assumption broken: Linux systems assume that read-only access to privileged files does not permit modification. Copy Fail violates this assumption entirely, without touching the on-disk binary.
Affected distributions
Verified affected distributions include Ubuntu 24.04 LTS, Amazon Linux 2023, Red Hat Enterprise Linux (RHEL) 10.1, and SUSE 16. Other distributions running kernels in the affected range — including Debian, Arch Linux, Fedora, Rocky Linux, and embedded Linux variants — are implicitly affected. Ubuntu 26.04 (Resolute) and later kernels are not affected.
Is DirtyFrag another Copy Fail?
Within hours of the initial Copy Fail disclosure, researchers published details of a related local privilege escalation technique dubbed DirtyFrag — also referred to as "Copy Fail 2."
DirtyFrag belongs to the same broader vulnerability class as Copy Fail but targets a different Linux subsystem. Where Copy Fail abuses the algif_aead module via AF_ALG sockets, DirtyFrag reportedly exploits Linux xfrm and ESP-in-UDP handling paths to achieve comparable page-cache overwrite behavior and elevated privilege outcomes. Researchers have also observed that similar behavior may affect IPv6 processing paths.
The significance here is not just the second vulnerability — it is what the pair reveals. The rapid emergence of DirtyFrag suggests that researchers and threat actors are now actively surveying a broader class of page-cache manipulation vulnerabilities across Linux subsystems. This shifts the conversation beyond a single CVE to deeper questions about copy-on-write assumptions, trusted kernel operations, and filesystem memory-handling behavior across the Linux kernel.
Research surrounding DirtyFrag continues to evolve at the time of publication. Automotive security teams should treat both vulnerabilities as part of a developing vulnerability class rather than isolated incidents.
Mapping Copy Fail and DirtyFrags to MITRE frameworks
VicOne's CyberThreat Research Lab mapped publicly available exploitation methodologies for both Copy Fail and DirtyFrags to the MITRE ATT&CK® framework and the MITRE ATT&CK® for Automotive (ATM) framework. This mapping illustrates how each vulnerability integrates into broader attack chains across traditional enterprise and embedded automotive environments.
Copy Fail (CVE-2026-31431) — MITRE mapping
| Technical Action | MITRE Tactic | MITRE Technique (ID) | ATM Tactic | ATM Technique (ID) |
|---|---|---|---|---|
| Create a bash script | Resource Development | Develop Capabilities: Exploits (T1587.004) | N/A | N/A |
| Execute the Python script | Execution | Command and Scripting Interpreter: Python (T1059.006) | Execution | Command and Scripting Interpreter (ATM-T0018) |
| Send crafted payload via netlink | Privilege Escalation | Exploitation for Privilege Escalation (T1068) | Privilege Escalation | Exploit OS Vulnerability (ATM-T0026) |
| Execute /usr/bin/su for root | Privilege Escalation | Abuse Elevation Control Mechanism (T1548) | Privilege Escalation | Abuse Elevation Control Mechanism (ATM-T0024) |
Table 1. Copy Fail MITRE mapping
DirtyFrag ("Copy Fail 2") — MITRE mapping
| Technical Action | MITRE Tactic | MITRE Technique (ID) | ATM Tactic | ATM Technique (ID) |
|---|---|---|---|---|
| Create a bash script | Resource Development | Develop Capabilities: Exploits (T1587.004) | N/A | N/A |
| Execute the bash script | Execution | Command and Scripting Interpreter: Unix Shell (T1059.004) | Execution | Command and Scripting Interpreter (ATM-T0018) |
| Bypass AppArmor | Defense Evasion | Abuse Elevation Control Mechanism (T1548) | Defense Evasion | Bypass Mandatory Access Control (ATM-T0034) |
| Access /etc/passwd | Discovery | File and Directory Discovery (T1083) | Discovery | File and Directory Discovery (ATM-T0042) |
| Send crafted UDP packet | Privilege Escalation | Exploitation for Privilege Escalation (T1068) | Privilege Escalation | Exploit OS Vulnerability (ATM-T0026) |
| Inject uid-0 user | Persistence | Create Account: Local Account (T1136.001) | N/A | N/A |
| Run su to obtain root | Privilege Escalation | Abuse Elevation Control Mechanism (T1548) | Privilege Escalation | Abuse Elevation Control Mechanism (ATM-T0024) |
Table 2. DirtyFrag (“Copy Fail 2”) MITRE mapping
The implications of these attack paths become increasingly significant as Linux-based software environments expand across modern vehicle architectures. DirtyFrag in particular introduces a persistence step — injecting a uid-0 user via /etc/passwd modification — that Copy Fail alone does not include. This extends the operational footprint of a successful exploitation chain within an automotive environment.
Why automotive OEMs and suppliers should care
Modern vehicles are, in many respects, distributed Linux computing platforms. Automotive Grade Linux (AGL), AUTOSAR Adaptive Platform implementations, telematics control units (TCUs), advanced driver-assistance systems (ADAS), gateways, and in-vehicle infotainment (IVI) systems all rely on Linux-based operating environments. This is not a niche deployment: Linux underpins a significant share of the software-defined vehicle (SDV) architectures that major automotive OEMs — including those operating in Japan's automotive supply chain — are actively deploying and scaling.
Copy Fail and DirtyFrag are significant in this context for three reasons.
Container escape and sandbox bypass
If an attacker gains limited access to an application or containerized environment within a vehicle system, Copy Fail and DirtyFrag could allow escape from that sandboxed execution environment and elevation to the underlying host operating system. Because the page cache is shared across containers and the host, exploitation does not need to occur at the host level to affect it.
Lateral movement within vehicle networks
Once elevated privileges are obtained within a Linux-based automotive environment, an attacker may be able to move laterally across connected systems — including gateways and TCUs — depending on network segmentation, architecture, and the security controls in place. In some scenarios, this could increase exposure to in-vehicle networks such as the controller area network (CAN) bus.
Deterministic exploitability
The deterministic nature of Copy Fail and DirtyFrags is what distinguishes them from many other privilege-escalation vulnerabilities. Exploits that rely on race conditions or probabilistic memory corruption are difficult to weaponize reliably. Copy Fail requires no such conditions. It is a straight-line logic flaw that works across distributions and kernel configurations without modification.
For automotive security teams, this means the standard "low exploitability" risk discount does not apply here. A reliable, distribution-agnostic privilege-escalation primitive that works in seconds is a meaningful post-access tool wherever Linux is deployed in a vehicle.
For automotive OEMs and Tier 1 suppliers, these vulnerabilities reinforce the importance of rapid patch management, runtime monitoring, and behavioral detection alongside compliance obligations under frameworks such as ISO/SAE 21434, UNECE WP.29 (UN Regulation No. 155), and the Cyber Resilience Act (CRA), which apply directly to vehicle cybersecurity risk management in Japan and across major automotive markets.
What to do next
Automotive OEMs and suppliers should prioritize the following actions for Linux-based and containerized automotive environments affected by Copy Fail and DirtyFrags.
Immediate mitigations (while patches are pending)
Where vendor kernel patches are not yet available, the following interim controls can reduce exposure:
Disable the
algif_aeadkernel module on affected systems that do not require userspace AEAD crypto viaAF_ALG. This does not affectdm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. Exposure can be assessed withlsof | grep AF_ALG.Block
AF_ALFsocket creation via seccomp policies on containerized workloads. Because the exploit requires opening anAF_ALGsocket as a first step, this measure can prevent exploitation even on unpatched kernels.Apply kernel patches as soon as they are available for your distribution. Fixed versions are Linux 7.0, 6.19.12, and 6.18.22, with corresponding backports for older long-term support (LTS) lines. Current patch status by distribution is tracked at NVD — CVE-2026-31431.
Runtime monitoring and behavioral detection
As exploit variants continue to emerge across Linux subsystems, static signatures alone are insufficient. Defenders need visibility into abnormal privilege escalation and syscall behavior associated with exploitation attempts.
Analysis conducted by VicOne's CyberThreat Research Lab suggests that exploitation attempts associated with Copy Fail and DirtyFrags may produce highly anomalous behavior within electronic control units (ECUs) and embedded Linux deployments. In constrained automotive environments, the legitimate use of certain kernel subsystems — including AF_ALG socket operations and specific networking paths — is often limited or entirely absent. This creates conditions for high-confidence behavioral detection with low false-positive rates.
The practical implication: in a standard automotive ECU environment, an AF_ALG socket operation followed by a splice() call targeting a setuid binary is not normal behavior. It is detectable.
VicOne xCarbon, an automotive-grade intrusion detection and prevention system (IDS/IPS), supports this approach by enabling visibility into abnormal process execution and syscall behavior across Linux-based automotive and embedded systems — without requiring kernel patches to be in place first.
The broader signal
As modern vehicles increasingly inherit the complexity of general-purpose computing platforms, vulnerabilities such as Copy Fail and DirtyFrags illustrate how low-level kernel behaviors can become operationally significant risks within connected automotive ecosystems. The rapid emergence of DirtyFrags within hours of Copy Fail's disclosure is a signal worth taking seriously: this is not a single vulnerability to patch and move on from. It is evidence of an active research focus on a vulnerability class that is directly relevant to the Linux environments automotive OEMs and suppliers depend on.
Patch management, runtime behavioral detection, and compliance-aligned risk assessment under ISO/SAE 21434 and UNECE WP.29 are not independent workstreams. For software-defined vehicles, they are the same workstream.
