## https://sploitus.com/exploit?id=657E1AB3-FDC1-5ED3-9834-337A260BBE9D
# CVE-2026-31431
**Copy Fail** – a 4‑byte page‑cache write primitive in the Linux kernel's `authencesn` AEAD template, exploitable via `AF_ALG` + `splice()`.
CVE-2026-31431 is a deterministic, race‑free logic bug in the Linux kernel.
An unprivileged local user can overwrite **4 bytes** in the page‑cache of any readable file.
The on‑disk file is never touched; only the in‑memory copy is modified.
Because the page cache is shared system‑wide (including across containers), this primitive can be used for:
- **Local Privilege Escalation** (root)
- **Container Escape** (page cache is shared with the host)
The vulnerability was discovered by **Xint Code Research Team** and disclosed in April 2026.
For the full technical breakdown, see [Copy Fail: 732 Bytes to Root on Every Major Linux Distribution](https://xintcode.com/copyfail).