CVE-2026-31431 Copy Fail — Universal LPE exploit. Dynamic ELF offset + full-binary overwrite, Python 2/3 compatible with ctypes splice fallback
-
Updated
May 6, 2026 - Python
#
copy-fail
Here are 8 public repositories matching this topic...
Detection, mitigation, and IOC toolkit for Copy Fail CVE-2026-31431 Linux kernel page-cache privilege escalation
linux ioc incident-response linux-kernel yara privilege-escalation cve-2026-31431 copy-fail copyfail
-
Updated
Apr 30, 2026 - Python
Copy Fail (CVE-2026-31431) LPE exploit. A clean, multi-arch Python reimplementation targeting the Linux kernel AF_ALG page cache vulnerability.
exploit linux-kernel privilege-escalation lpe af-alg security-research zeroday xint cve-2026-31431 copy-fail
-
Updated
May 5, 2026 - Python
Runtime integrity guard: detect and block Linux page cache tampering (Copy Fail, Dirty Pipe, Dirty Frag) via O_DIRECT + fanotify. Includes 7 host-side exploitation PoCs.
privilege-escalation page-cache suid linux-security kernel-exploit o-direct container-security fanotify runtime-protection cve-2022-0847 dirty-pipe cve-2026-31431 copy-fail dirty-frag cve-2026-43284 cve-2026-43500
-
Updated
May 11, 2026 - Python
Educational rewrite of the Copy Fail PoC (CVE-2026-31431) — Linux kernel LPE via algif_aead in-place crypto + splice() page-cache write
-
Updated
May 4, 2026 - Python
-
Updated
Apr 30, 2026 - Python
CVE-2026-31431 ("Copy Fail") vulnerability detector & exploit on Astra linux 1.7.6 with 3.7+ python
-
Updated
May 12, 2026 - Python
Improve this page
Add a description, image, and links to the copy-fail topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the copy-fail topic, visit your repo's landing page and select "manage topics."