CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
I can at least tell you what it does because I tested it:
It override your /usr/bin/su so that it now let you run as root with no password.
My guess is that the payload is an su command that was modified to run without requiring password but it’s also possible - though unlikely - that it just patch your existing su.
either way if you will run the script, you need to backup your existing su command first.
Correction: The script doesn’t permanently modify the su file instead it modifies a cached copy of the file in memory. restarting your device or doing echo 3 > /proc/sys/vm/drop_caches to flush the cache restore the su file to its original state
I can at least tell you what it does because I tested it:
It override your /usr/bin/su so that it now let you run as root with no password.
My guess is that the payload is an su command that was modified to run without requiring password but it’s also possible - though unlikely - that it just patch your existing su.
either way if you will run the script, you need to backup your existing su command first.
Correction: The script doesn’t permanently modify the su file instead it modifies a cached copy of the file in memory. restarting your device or doing
echo 3 > /proc/sys/vm/drop_cachesto flush the cache restore the su file to its original state