US government warns of severe CopyFail bug affecting major versions of Linux

Get the Tech newsletter
Daily tech — startups, AI labs, chips, the launches that shape the next decade. Free.
- U.S. government warns the CopyFail bug is being exploited in the wild, marking the first known active attacks on Linux kernels.
- Theori discovered CVE‑2026‑31431 in kernel versions up to 7.0, released a patch within a week, but distribution roll‑outs remain incomplete.
- Linux distributions such as Red Hat Enterprise Linux 10.1, Ubuntu 24.04 LTS, Amazon Linux 2023, SUSE 16, Debian, and Fedora are still vulnerable because many servers haven’t applied the update.
- Microsoft notes the flaw can be chained with internet‑delivered exploits, letting a low‑privilege user gain root access and compromise entire data‑center networks.
Why it matters: Enterprises running Linux data‑center servers lose security; attackers gain root access; patch lag will cost millions in breach remediation, trigger regulatory fines, and disrupt cloud services.




