## https://sploitus.com/exploit?id=C6345515-9309-508D-A551-A534197EA0B0
# CVE-2026-31431 "Copy Fail" - Research & Pentesting Tool
[](LICENSE)
[](#)
[](https://www.python.org/)
[](#)
---
# โ ๏ธ DISCLAIMER
This project is provided strictly for:
- Security research
- Educational purposes
- Authorized penetration testing
- CTF and laboratory environments
## By using this tool, you agree that:
- You own the target system **or**
- You have explicit written authorization to test the target
- You will not use this project for illegal or malicious activity
- You understand all legal and ethical consequences of unauthorized access
The author and contributors are **NOT responsible** for misuse, damages, data loss, service interruption, or any illegal activities performed using this software.
---
# ๐ Description
Proof-of-concept research tool for **CVE-2026-31431**, also known as **"Copy Fail"**, a Linux kernel vulnerability affecting the `algif_aead` / `authencesn` AEAD implementation.
The vulnerability may allow page cache corruption under specific conditions, potentially leading to local privilege escalation on vulnerable systems.
- **Affected Systems:** Linux kernel 4.17+ (before April 2026 security patches)
- **Severity:** High
- **CVSS Score:** 7.8
---
# โจ Features
- ๐ Non-destructive vulnerability detection
- โก Local privilege escalation testing
- ๐งน Cleanup and restoration routine
- ๐ Simple command-line interface
- ๐ก๏ธ Research-focused workflow
---
# ๐ฆ Installation
Clone the repository:
```bash
git clone https://github.com/Lutfifakee-Project/CVE-2026-31431.git
cd CVE-2026-31431
```
---
# ๐ Usage
## Check if the system is vulnerable
```bash
python3 exploit.py
```
## Run authorized exploitation test
```bash
python3 exploit.py --exploit
```
When prompted:
```text
Type 'YES' to continue
```
## Cleanup after testing
```bash
python3 exploit.py --cleanup
```
## Show help menu
```bash
python3 exploit.py --help
```
---
# ๐ธ Example Output
```text
$ python3 exploit.py --exploit
[!] DANGER ZONE: Exploit mode
Type 'YES' to continue: YES
[*] CVE-2026-31431 Copy Fail Exploit
[+] Page cache patching complete!
[+] Executing modified su...
# id
uid=0(root) gid=1001(user)
```
---
# ๐ก๏ธ Mitigation
If you are a system administrator and need to mitigate exposure:
## Disable the vulnerable module
```bash
echo "install algif_aead /bin/false" | sudo tee /etc/modprobe.d/disable-algif-aead.conf
sudo rmmod algif_aead 2>/dev/null
```
---
# ๐ References
- CVE Details: https://nvd.nist.gov/vuln/detail/CVE-2026-31431
- Disclosure: https://copy.fail