Copy-Fail

vulnerabilities 2026-06-02
DirtyDecrypt (CVE-2026-31635): Public PoC Roots Fedora, Arch, and openSUSE via the Kernel's RxGK Path
A released proof-of-concept weaponizes CVE-2026-31635, a missing copy-on-write guard in the Linux kernel's RxGK receive path, for local root on Fedora, Arch, and openSUSE Tumbleweed — and pod escape on affected worker nodes.
linux-kernel cve-2026-31635 dirtydecrypt lpe privilege-escalation rxgk rxrpc afs page-cache copy-on-write container-escape copy-fail
vulnerability 2026-05-09
Dirty Frag: Chained Linux Kernel Bugs Hand Out Root, One Half Still Unpatched
Dirty Frag chains an xfrm-ESP page-cache write (CVE-2026-43284) with an unpatched RxRPC page-cache write (CVE-2026-43500) for reliable root on most Linux distros. Embargo blew up early — public PoC is out, RxRPC fix is not.
linux-kernel lpe cve-2026-43284 cve-2026-43500 rxrpc xfrm ipsec afs dirty-frag copy-fail
vulnerabilities 2026-04-30
Copy Fail (CVE-2026-31431): A 732-Byte Python Script Roots Every Major Linux Distro Since 2017
A nine-year-old logic bug in the kernel's algif_aead crypto interface lets an unprivileged user plant four bytes anywhere in the page cache — including inside a setuid binary's cached pages. Root in seconds, no on-disk artifacts, breaks containers.
linux-kernel cve-2026-31431 copy-fail lpe privilege-escalation container-escape algif theori xint

DirtyDecrypt (CVE-2026-31635): Public PoC Roots Fedora, Arch, and openSUSE via the Kernel's RxGK Path