CVE-2026-31431, dubbed Copy Fail, is a critical local privilege escalation vulnerability in the Linux kernel affecting distributions released since 2017. By abusing the AF_ALG socket interface and the authencesn cryptographic template, an attacker can perform a controlled write into the in-memory page cache of setuid binaries, gaining root access without altering on-disk files.