CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
Exactly. It’s Yet Another Privilege Escalation Vulnerability. Unless you’re dealing with a multiuser machine, the attacker first needs to use some other vuln to get into an unprivileged account. Without that additional vulnerability, this exploit is useless.
I manage multi user systems and try to be on top of this and no, privilege escalation with a working public exploit are very rare. There’s quite a lot of CVEs with potential privilege excalation, but most of the time there is no real world exploit. And a large part of those are related to user namespaces in one way or another.
This one is truly scary, at least the immediate mitigation is pretty straightforward.
Well, it often feels like every “Linux security issue” flagged in the tech press is a privilege escalation, but I admit that I haven’t sat down and done the math.
wtf
how does that only get a CVE score of 7.8, the impact of this is huge
It’s not an interaction-less RCE, for one.
Probably because the attack vector is having a user account on the target
Exactly. It’s Yet Another Privilege Escalation Vulnerability. Unless you’re dealing with a multiuser machine, the attacker first needs to use some other vuln to get into an unprivileged account. Without that additional vulnerability, this exploit is useless.
You mean like inveigling it into a pypi or npm or whatever package? Checks out.
That’s privilege escalation for you. 7.8 is pretty high.
Yet another? Are there really so many LPEVs in linux?
I manage multi user systems and try to be on top of this and no, privilege escalation with a working public exploit are very rare. There’s quite a lot of CVEs with potential privilege excalation, but most of the time there is no real world exploit. And a large part of those are related to user namespaces in one way or another.
This one is truly scary, at least the immediate mitigation is pretty straightforward.
Well, it often feels like every “Linux security issue” flagged in the tech press is a privilege escalation, but I admit that I haven’t sat down and done the math.
“The exploit is coming from inside the house!”
hey these exploits keep the lights on for some tech youtubers, stop making fun of it!! it is very dangerous!!!
(video titled: LINUX HAS BEEN HACKED, AGAIN?!)