This page collects WhisperX intelligence signals tagged #linux-kernel. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical Linux kernel privilege-escalation vulnerability has left a cluster of production NixOS servers exposed while the necessary security patch remains absent from the stable release branch. CVE-2026-31431, dubbed "Copy Fail," targets the AF_ALG AEAD interface and enables any local user to escalate to root using a...
A GitHub pull request within the tetragon/example repository introduces a security policy designed to mitigate exploitation of CVE-2026-31431, a disclosed vulnerability. The proposed mitigation operates at the syscall level, intercepting attempts to create AF_ALG sockets—kernel-level cryptographic interfaces—by overrid...
Security researchers at Unit 42 have disclosed a critical Linux kernel local privilege escalation vulnerability, designated CVE-2026-31431 and internally named "Copy Fail," which grants attackers stealthy root access to affected systems. The flaw, classified as critical severity, is being described as one of the most s...
A newly disclosed Linux kernel vulnerability, catalogued as CVE-2026-43284 and dubbed "Dirty Frag," marks the second local privilege escalation exploit capable of granting root access to emerge within an eight-day window, raising fresh questions about the security posture of widely-deployed Linux kernel versions. The ...
Security researchers have demonstrated a novel technique leveraging Large Language Models to identify critical remote Linux kernel out-of-bounds (OOB) write vulnerabilities, uncovering multiple high-severity flaws including CVE-2026-31432 and CVE-2026-31433. The approach involves strategically perturbing LLM outputs to...
A high-severity local privilege escalation vulnerability in the Linux kernel's `algif_aead` module has been flagged under active exploitation, prompting urgent inclusion in the CISA Known Exploited Vulnerabilities catalog. Tracked as CVE-2026-31431 with a CVSS score of 7.8, the flaw allows an unprivileged local user to...
Security researchers have disclosed a pair of long-dormant Linux kernel vulnerabilities, collectively dubbed "Dirty Frag," that remained hidden in open-source codebases for approximately nine years before being identified. The flaws, linked to memory fragmentation handling in the kernel, represent a significant exposur...
A second critical vulnerability in the Linux kernel has emerged just weeks after the disclosure of the "Copy Fail" flaw, raising fresh concerns about systemic weaknesses in the operating system that underpins the global cloud infrastructure. The new flaw, nicknamed "Dirty Frag," was discovered by independent security r...
Three Linux kernel local privilege escalation vulnerabilities targeting auto-loadable modules were disclosed in rapid succession between late April and mid-May 2026, raising concerns about container escape risks in Azure Kubernetes Service environments. The flaws share a common attack vector: kernel modules that can be...