CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
according to this (good) blog post the disclosure to the linux kernel security team was already like a month ago so i would imagine the fix is already on a lot of systems
If your system is up-to-date, your kernel has probably already been patched. The patch was added to mainline on April 1, and I think every major distribution will have added it by now.
Here on my Artix* Linux it still asks for the password; *OpenRC
systemd, KDE Plasma, Wayland.https://xint.io/blog/copy-fail-linux-distributions
according to this (good) blog post the disclosure to the linux kernel security team was already like a month ago so i would imagine the fix is already on a lot of systems
If your system is up-to-date, your kernel has probably already been patched. The patch was added to mainline on April 1, and I think every major distribution will have added it by now.
same, Kubuntu 26.04 asks for my password when running the exploit script