Share
## https://sploitus.com/exploit?id=1B799F93-A538-557E-AFBB-612396EAD174
# check-copyfail

`check-copyfail.sh` is a read-only Bash script that assesses host exposure to `CVE-2026-31431` ("Copy Fail").

It inspects the local system for:
- kernel version and known upstream patch state
- affected distribution baselines
- `algif_aead` module status
- active `AF_ALG` socket usage
- container or Kubernetes context
- mitigation state such as seccomp filters, modprobe blacklists, and GRUB `initcall_blacklist`
- pending reboot state when a newer kernel is already installed

The script combines those signals into a transparent risk score, then emits findings and prioritized recommendations.

## What this script does

`check-copyfail.sh` is intended as a host-side assessment aid for administrators and infrastructure owners. It gathers local signals related to `CVE-2026-31431`, evaluates them against the script's built-in logic, and reports an estimated exposure level with supporting findings.

The result is meant to help with investigation and triage. It is not a guarantee that a system is safe, vulnerable, fully patched, or exploitable in practice.

## Requirements

- Linux only
- Bash

## Usage

Run the actual script filename with a hyphen:

```bash
./check-copyfail.sh
./check-copyfail.sh --json
./check-copyfail.sh --quiet
./check-copyfail.sh --help
```

The script comments and embedded help still refer to `check_copyfail.sh`, but the executable file in this repository is `check-copyfail.sh`.

## Output modes

- default: human-readable report
- `--json`: structured JSON output
- `--quiet`: no output, exit code only

## Exit codes

- `0`: minimal risk
- `1`: low risk
- `2`: medium risk
- `3`: high risk
- `4`: critical risk
- `5`: execution error or unsupported platform

## Notes

- The script does not apply fixes; it only inspects the current system state.
- On non-Linux systems it exits with code `5`.

## Disclaimer

Use this script at your own risk. The maintainers of this repository are not responsible for any damage, loss, operational impact, incorrect assumptions, or decisions made based on the script output.

The script provides a best-effort assessment only. Final responsibility for validating results, confirming whether operating systems are vulnerable, and determining the appropriate remediation or operational response remains with the owner or administrator of the infrastructure.