Share
## https://sploitus.com/exploit?id=C6345515-9309-508D-A551-A534197EA0B0
# CVE-2026-31431 "Copy Fail" - Research & Pentesting Tool

[![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](LICENSE)
[![Platform](https://img.shields.io/badge/Platform-Linux-red.svg)](#)
[![Python](https://img.shields.io/badge/Python-3.x-blue.svg)](https://www.python.org/)
[![Status](https://img.shields.io/badge/Status-Research-important.svg)](#)

---

# โš ๏ธ DISCLAIMER

This project is provided strictly for:

- Security research
- Educational purposes
- Authorized penetration testing
- CTF and laboratory environments

## By using this tool, you agree that:

- You own the target system **or**
- You have explicit written authorization to test the target
- You will not use this project for illegal or malicious activity
- You understand all legal and ethical consequences of unauthorized access

The author and contributors are **NOT responsible** for misuse, damages, data loss, service interruption, or any illegal activities performed using this software.

---

# ๐Ÿ“– Description

Proof-of-concept research tool for **CVE-2026-31431**, also known as **"Copy Fail"**, a Linux kernel vulnerability affecting the `algif_aead` / `authencesn` AEAD implementation.

The vulnerability may allow page cache corruption under specific conditions, potentially leading to local privilege escalation on vulnerable systems.

- **Affected Systems:** Linux kernel 4.17+ (before April 2026 security patches)
- **Severity:** High
- **CVSS Score:** 7.8

---

# โœจ Features

- ๐Ÿ” Non-destructive vulnerability detection
- โšก Local privilege escalation testing
- ๐Ÿงน Cleanup and restoration routine
- ๐Ÿ“„ Simple command-line interface
- ๐Ÿ›ก๏ธ Research-focused workflow

---

# ๐Ÿ“ฆ Installation

Clone the repository:

```bash
git clone https://github.com/Lutfifakee-Project/CVE-2026-31431.git
cd CVE-2026-31431
```

---

# ๐Ÿš€ Usage

## Check if the system is vulnerable

```bash
python3 exploit.py
```

## Run authorized exploitation test

```bash
python3 exploit.py --exploit
```

When prompted:

```text
Type 'YES' to continue
```

## Cleanup after testing

```bash
python3 exploit.py --cleanup
```

## Show help menu

```bash
python3 exploit.py --help
```

---

# ๐Ÿ“ธ Example Output

```text
$ python3 exploit.py --exploit

[!] DANGER ZONE: Exploit mode
Type 'YES' to continue: YES

[*] CVE-2026-31431 Copy Fail Exploit
[+] Page cache patching complete!
[+] Executing modified su...

# id
uid=0(root) gid=1001(user)
```

---

# ๐Ÿ›ก๏ธ Mitigation

If you are a system administrator and need to mitigate exposure:

## Disable the vulnerable module

```bash
echo "install algif_aead /bin/false" | sudo tee /etc/modprobe.d/disable-algif-aead.conf
sudo rmmod algif_aead 2>/dev/null
```

---

# ๐Ÿ“š References

- CVE Details: https://nvd.nist.gov/vuln/detail/CVE-2026-31431
- Disclosure: https://copy.fail