Copy.Fail: A Critical Linux Kernel Vulnerability Threatens Shared Infrastructure

Overview of the Copy.Fail Vulnerability

On April 29, 2026, security researchers at Theori disclosed a severe Linux kernel vulnerability dubbed Copy.Fail. Despite its catchy name, this is not a browser-based or clipboard attack—it is a local privilege escalation (LPE) exploit that allows an unprivileged attacker to gain root access on a wide range of Linux distributions. The flaw resides in the kernel's cryptographic API (AF_ALG sockets) when used in combination with the splice() system call, enabling an attacker to write arbitrary data—four bytes at a time—directly into the page cache of a file they do not own. The exploit works without modification across major distributions including Ubuntu, RHEL, Debian, SUSE, Amazon Linux, and Fedora. Notably, it requires no race condition or per-distribution offsets, making it highly reliable.

Copy.Fail: A Critical Linux Kernel Vulnerability Threatens Shared Infrastructure
Source: www.schneier.com

How Copy.Fail Works

Exploiting the Kernel Crypto API

The attack leverages AF_ALG sockets, a feature of the Linux kernel that allows user-space programs to access cryptographic operations. By chaining this with the splice() system call—which moves data between file descriptors without copying to user space—an attacker can bypass normal file write protections. The exploit repeatedly splices small bytes (four at a time) into the page cache of a sensitive file, such as a privilege escalation script or system configuration. Because the write occurs in the page cache, the underlying file on disk remains unchanged.

Why Traditional Security Tools Fail

Since the exploit never modifies files on disk, integrity monitoring tools like AIDE or Tripwire that rely on checksums or file hashes see no alterations. Similarly, auditd and other log-based systems may miss the attack because the kernel operations appear legitimate. This stealthiness makes Copy.Fail particularly dangerous in environments where file integrity monitoring is the primary defense.

Impact on Shared Infrastructure

Local privilege escalation might sound abstract, but its consequences are profound, especially on shared systems. An attacker who already has limited code execution—even as the lowest-privileged user—can become root. Once root, they can read all files, install backdoors, monitor processes, and pivot to other machines.

Containers and Kubernetes

In Kubernetes clusters, containers share the host kernel. The default RuntimeDefault seccomp profile and Kubernetes Pod Security Standards (Restricted) do not block the splice() syscall that Copy.Fail uses. This means any container running on a shared node could potentially break out to root. Attackers often begin with a compromised container—via a vulnerable application or malicious image—and then escalate to the host. With Copy.Fail, that escalation becomes trivial.

Multi-Tenant Hosting and CI/CD

Shared hosting environments where multiple tenants share a single kernel are also at risk. Similarly, CI/CD pipelines that execute untrusted code from pull requests or third-party actions expose the underlying build worker kernel. Even WSL2 instances on Windows laptops and containerized AI agents with shell access are vulnerable, as they all share the Linux kernel with their neighbors.

Copy.Fail: A Critical Linux Kernel Vulnerability Threatens Shared Infrastructure
Source: www.schneier.com

Patch Status and Mitigation

Mainline Fix and Distribution Updates

The Linux kernel mainline fix was applied on April 1, 2026. Major distributions have started rolling out patched kernels. Administrators should update as soon as possible. However, until the patch is applied, a custom seccomp profile is required. Because the exploit uses splice() and AF_ALG, blocking the splice syscall in a custom seccomp profile can prevent the attack. However, this may break legitimate applications that rely on splice() for efficient I/O.

Internal Anchor Links

For more details on creating custom seccomp profiles, see our guide. To check if your kernel is patched, refer to how to verify your kernel version.

Guide: Creating a Custom Seccomp Profile

To block Copy.Fail without waiting for a kernel update, you can create a seccomp profile that denies the splice syscall. Below is a basic example. Note that this may affect applications that use splice for zero-copy networking or file transfers.

  1. Create a JSON file, e.g., copyfail-block.json:
  2. Include the default architectures and syscalls, but add "splice" to the deny list.
  3. Apply the profile to your container or process using --security-opt seccomp=copyfail-block.json with Docker, or through seccomp profiles in Kubernetes.

How to Verify Your Kernel Version

To check if your Linux kernel includes the Copy.Fail fix, run:

uname -r

Then consult your distribution's advisory to see if the kernel version includes the patch. For example, on Ubuntu, use apt list --installed | grep linux-image and compare with the patched version.

Conclusion

Copy.Fail is one of the most significant Linux kernel vulnerabilities in recent years due to its ease of exploitation, wide applicability, and stealthy nature. Organizations running shared infrastructure—especially Kubernetes clusters—must prioritize patching. In the interim, custom seccomp profiles and careful monitoring of syscall usage can reduce risk. Stay vigilant, and patch promptly.

Tags:

Recommended

Discover More

How Docker’s Virtual Agent Fleet Accelerates Shipping with Autonomous AI RolesEnterprise AI Governance Becomes Urgent as Risks Outpace Traditional Models10 Critical Flaws Behind VECT Ransomware's Accidental Wiper BehaviorEnhancing Man Pages for tcpdump and dig: A Q&A Guide10 Ways Wind and Solar Power Shielded the UK from £1.7 Billion in Gas Costs Since the Iran Conflict