Share
## https://sploitus.com/exploit?id=828FD4F1-CE42-5B01-9A8E-18BDA662C8D2
# Copy Fail โ€” Python PoC (CVE-2026-31431)

This is a compact Python proof-of-concept for **Copy Fail** ([CVE-2026-31431](https://nvd.nist.gov/vuln/detail/CVE-2026-31431)), a Linux kernel local privilege escalation via `AF_ALG` and `splice()` that corrupts the page cache of a readable file such as `/usr/bin/su`. It is based on the [Theori PoC](https://github.com/theori-io/copy-fail-CVE-2026-31431), extended with `ctypes` splice for **Python 3.7+** compatibility and a **`/bin/bash`** root shell instead of `/bin/sh`.

Run it on a vulnerable Linux host with `python3 copy_fail_exp.py`. It requires only the Python standard library, read access to the target binary, and a kernel in the affected range (roughly 4.9 through 6.18).

**Disclaimer:** For authorized testing and education only. Do not use on systems without permission.

**References:** [Theori writeup](https://github.com/theori-io/copy-fail-CVE-2026-31431) ยท [CVE-2026-31431](https://nvd.nist.gov/vuln/detail/CVE-2026-31431)