A critical Linux kernel LPE (Local Privilege Escalation) named CopyFail was disclosed yesterday. Any unprivileged user already on a machine — inside a container, a CI/CD runner, or a shared host — can escalate to root in seconds using the public PoC that dropped alongside the advisory. Ars Technica coverage What is it? CVE-2026-31431 is a logic bug in the Linux kernel's authencesn crypto template, exposed through the algif_aead AF_ALG socket interface. It affects every Linux kernel since ~2017 — including Amazon Linux 2023, Ubuntu 22.04, and Debian 12. "Local privilege escalation" sounds contained, but in 2026 "local" covers a lot of ground: every container on a shared Kubernetes node, every CI/CD job running untrusted code, every tenant on a shared host. A single unprivileged shell on any of those surfaces is enough. The mitigation The upstream patch is merged but distro packages are still pending.…