Skip to content
Auto-CTI
Back to all deep dives
UNIT 42

Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years

HIGH Linux CVE-2026-31431 Ubuntu kernel copy-fail
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years

Strategic summary

Copy Fail enables local privilege escalation by manipulating the in-memory cache of privileged binaries without modifying on-disk files, bypassing integrity checks.

Relevance for you

Critical Linux kernel vulnerability affecting Ubuntu systems; immediate patching and impact assessment required for production Ubuntu 24.04 LTS deployments.

Mentioned CVEs

Risk score

100
cvss base
78.00
kev bonus
0.00
epss bonus
0.00
poc bonus
0.00
raw before weight
78.00
industry weight
1.30
freshness factor
1.00
days old
0.00

Path: operational

MITRE ATT&CK mapping

1 TTP
Recon
Resource Dev
Initial Access
Execution
Persistence
Priv. Escal.
Def. Evasion
Cred. Access
Discovery
Lateral Mov.
Collection
C2
Exfiltration
Impact
Other
T1068
Conf.: high medium low

Procedure details

Technique Tactic Procedure Conf. Source
T1068
Technique T1068 explicitly referenced in source: Unit 42 high primary
ESC