Updated
Updated · SecurityWeek · Apr 30
Linux kernel bug allows unprivileged attackers to gain root access
Updated
Updated · SecurityWeek · Apr 30

Linux kernel bug allows unprivileged attackers to gain root access

13 articles · Updated · SecurityWeek · Apr 30
  • Tracked as CVE-2026-31431 with a CVSS score of 7.8, the flaw is believed to affect essentially all Linux distributions shipped since 2017.
  • Theori said a 2017 optimisation in the authencesn AEAD template used by IPsec ESN can overwrite four bytes in cached setuid-root binaries, enabling root shell with a 732-byte Python script.
  • The bug is especially risky for multi-tenant systems, shared-kernel containers and CI runners because page cache is shared and disk files stay unchanged; patches remove the 2017 optimisation.
Could AI-driven vulnerability discovery soon outpace defenders, making zero-day Linux exploits like CopyFail a routine threat?
With patching lagging behind disclosure, how can organizations effectively automate detection and mitigation of universal exploits across diverse Linux environments?

Related Stories

SecurityWeekApr 30
loginline.comApr 30
GovInfoSecurity.comApr 30
The Hacker NewsApr 30
Help Net SecurityApr 30
Ars TechnicaApr 30
theori.ioApr 30
RedditApr 30
InstagramApr 30
bugcrowd.comApr 30
linkedinApr 30
github.comApr 30
xint.ioApr 30