A critical security vulnerability dubbed "Copy Fail" has been discovered in Linux, affecting nearly every distribution released since 2017. The exploit, tracked as CVE-2026-31431, allows any user to escalate privileges to root without authentication. Uncovered by the security firm Theori with the help of AI scanning tools, the flaw is triggered by a Python script that works universally across vulnerable Linux versions, requiring no per-distro tweaks or recompilation.
"No per-distro offsets, no version checks, no recompilation," said Theori in its public disclosure.
Some distributions, including Arch Linux and Red Hat Fedora, have already released patches or mitigations. The bug lies in the memory copy functionality of the Linux kernel, enabling arbitrary writes that can be weaponized for full system compromise. Users are urged to update their systems immediately.