Security Report: CVE-2026-31431 in Linux Kernel for Local Privilege Escalation

On April 29, 2026, Theori's Xint Code team disclosed Copy Fail which is a Linux kernel logic bug that turns any unprivileged local user into root with a 732-byte Python script. The same script works on Ubuntu, Amazon Linux, RHEL, and SUSE, and every distro shipped since 2017 is in scope.

For a security researcher, it's an elegant find, but for a studio running game servers, build farms, or container fleets on Linux, it's a same-week patch problem that crosses container boundaries. Most of the discussion so far has framed it as a "cloud server" issue, but game infrastructure has the exact shape this bug exploits.

The bug in one paragraph

The kernel's authencesn AEAD template (used by IPsec for Extended Sequence Numbers) writes 4 bytes into a scratch position past its legitimate output buffer. A 2017 optimization in algif_aead made AEAD operations in-place, chaining page-cache pages from splice() into the writable destination scatterlist. Combined, an unprivileged user can pick which file, which 4-byte offset, and which value to write directly into the kernel's page cache of any readable file and those including setuid binaries like /usr/bin/su. The on-disk file is untouched (so checksum-based file integrity tools miss it entirely), but the in-memory copy is what execve() actually loads. Corrupt su's page cache, run su, get root.

Three properties matter for game infrastructure:

Page cache is shared host-wide, so the primitive crosses container boundaries. A pod gets the host.
No disk artifacts. AIDE, Tripwire, and most EDR file-integrity checks see nothing.
Deterministic and portable. Run the script, get root.

Why this is a game-server problem, not just a cloud problem

Three deployment patterns common across studios make Copy Fail more dangerous than the typical Linux LPE:

1. Dedicated game servers on Linux (bare metal and VMs)

Most modern multiplayer titles ship a dedicated server binary that runs on Linux — Source engine derivatives, Unreal dedicated servers, custom Go/C++ backends. These boxes typically run a service account for the game process, sometimes share the host with monitoring agents, plugins, or operator SSH access, and frequently sit behind exposed RCON, query, or admin endpoints.

If anything in your stack lets an attacker get unprivileged shell like a plugin RCE in a community server, a misconfigured RCON, a vulnerable web admin panel, a compromised CI deploy key, or a stolen ops credential then Copy Fail is the second stage. Your game server account becomes root, and root on a game host means access to server-to-server tokens, signing keys, anti-cheat secrets, and player session data.

2. Containerized fleets (Kubernetes, Agones, custom orchestrators)

This is the highest-risk category for studios running matchmade game sessions. Agones, OpenMatch, and similar systems pack short-lived game-server pods onto shared nodes for cost efficiency. Anything that runs untrusted-ish code like modded servers, user-generated content, community-hosted instances, even tenant-supplied configs that hit a vulnerable parser has one syscall away from the kernel.

Xint has confirmed Copy Fail is a container-escape primitive (Part 2 of their write-up will cover Kubernetes node compromise once it is released). On a shared node, one compromised pod becomes root on the host and therefore root over every other tenant's pod on that node. For studios running shared infrastructure across IPs, regions, or even publishers, that's a cross-tenant blast radius.

3. CI and build farms

Self-hosted GitHub Actions runners, Jenkins agents, GitLab runners, Buildkite agents and anywhere CI executes code from a pull request as a regular user on a shared kernel. A malicious PR (or a compromised dependency in a legitimate PR) becomes root on the runner. Root on a build farm means signing keys, console SDK credentials (PlayStation, Xbox, Switch), Steamworks publish tokens, source code, and the ability to inject backdoors into shipping builds.

This is the supply-chain scenario, and it's the one most likely to bite studios that have invested heavily in CI but treat runners as ephemeral and disposable.

What to do this week

Patch the kernel. Mainline commit a664bf3d603d reverts the 2017 in-place optimization. Most major distros are shipping packaged updates now. Game-server hosts, container nodes, and CI runners are all the same fix.

Before you can patch disable the module. This is the single most important interim mitigation, and it breaks essentially nothing on game servers (dm-crypt, kTLS, IPsec, OpenSSL, SSH all use the in-kernel crypto API directly, not AF_ALG):

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf
rmmod algif_aead 2>/dev/null || true

For containers and CI, block AF_ALG via seccomp regardless of patch state. Game-server pods, build runners, and any sandbox executing untrusted code should not have access to socket(AF_ALG, ...). Add it to your seccomp profile and leave it there permanently. Default Docker and Kubernetes seccomp profiles do not block this; you have to do it explicitly.

Audit your runner posture. If self-hosted CI runners process external PRs (open-source mod tools, community contributions, fork builds), assume any unpatched runner has been a viable target since 2017. Rotate credentials accessible to runner accounts: console SDK tokens, signing keys, Steamworks publish credentials, internal package registry tokens.

Don't trust file-integrity monitoring here. AIDE, Tripwire, Wazuh FIM, and similar tools that compare against on-disk hashes will not detect Copy Fail exploitation. The on-disk file is unchanged. Detection needs to look at runtime behavior like unexpected AF_ALG socket usage, unprivileged processes binding aead/authencesn, or the kernel audit subsystem catching the syscall pattern.

The bigger picture

Copy Fail was found by an AI-assisted code analysis tool in roughly an hour of scan time against the Linux crypto/ subsystem. Xint has noted that the same scan surfaced other high-severity bugs still under coordinated disclosure. The cadence of kernel-level findings is accelerating, and the assumption that "it's been there since 2017 and nobody found it" is no longer a defense.

For studios, the practical takeaway is that the Linux kernel is now part of the threat model for game-server infrastructure in a way it wasn't a decade ago. Containerized matchmaking, untrusted mod content, self-hosted CI, and shared-tenancy hosting all assume the kernel boundary holds. Patch fast, block AF_ALG in untrusted contexts by default, and treat runtime detection as a complement to file-integrity tooling that this class of bug walks straight past.

References