{"id":236495,"date":"2026-05-05T02:26:34","date_gmt":"2026-05-05T07:26:34","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/05\/cisa-adds-actively-exploited-linux-root-access-bug-cve-2026-31431-to-kev"},"modified":"2026-05-05T02:26:34","modified_gmt":"2026-05-05T07:26:34","slug":"cisa-adds-actively-exploited-linux-root-access-bug-cve-2026-31431-to-kev","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/05\/cisa-adds-actively-exploited-linux-root-access-bug-cve-2026-31431-to-kev","title":{"rendered":"CISA Adds Actively Exploited Linux Root Access Bug CVE-2026\u201331431 to KEV"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/cisa-adds-actively-exploited-linux-root-access-bug-cve-2026-31431-to-kev.jpg\"><\/a><\/p>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/05\/01\/cisa-adds-one-known-exploited-vulnerability-catalog\">added<\/a> a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">KEV<\/a>) catalog, citing evidence of active exploitation in the wild.<\/p>\n<p>The vulnerability, tracked as <a href=\"https:\/\/thehackernews.com\/2026\/04\/new-linux-copy-fail-vulnerability.html\">CVE-2026\u201331431<\/a> (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The nine-year-old flaw is also tracked as <strong>Copy Fail<\/strong> by Theori and Xint. Fixes have been made available in Linux kernel versions 6.18.22, 6.19.12, and 7.0.<\/p>\n<p>\u201cLinux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation,\u201d CISA said in an advisory.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2026\u201331431 (CVSS score: 7.8), is a case of local privilege escalation (LPE) flaw that could allow [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-236495","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/236495","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=236495"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/236495\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=236495"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=236495"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=236495"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}