{"uuid": "a38f084c-b0e8-4af8-9434-15baed1c10bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-31431", "type": "seen", "source": "https://infosec.exchange/users/cert_eu/statuses/116492956743147474", "content": "High Vulnerability in the Linux Kernel (\"Copy Fail\") (CERT-EU Security Advisory 2026-005)\nOn 29 April 2026, a high local privilege escalation vulnerability in the Linux kernel, tracked as CVE-2026-31431 and named \"Copy Fail\", was publicly disclosed.\nThe vulnerability affects every mainstream Linux distributions shipping a kernel built since 2017. A public proof-of-concept exploit has been released.As of the date of this advisory, no distribution has shipped a fixed kernel package. The mainline fix was committed on 1 April 2026, but vendor updates are still pending across all major distributions. \nCERT-EU strongly recommends applying the interim mitigation immediately, prioritising Kubernetes nodes, and CI/CD runners exposed to untrusted workloads.\nhttps://www.cert.europa.eu/publications/security-advisories/2026-005/", "creation_timestamp": "2026-04-30T09:30:55.246235Z"}