Came across this this morning: CVE-2026-31431. Any unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root.
Probably pretty low-priority for anyone just running Linux workstations at home, but thought I’d share for general awareness. Anyone running Multi-tenant Linux hosts, Kubernetes / container clusters, etc, should likely update 
It worries me that the kernel team are able to make the kernel so complicated that such thing could occur without being anticipated.
When I was taught to program, it was stressed that you should understand every aspect of what your algorithm is going to do, before you even code it.
I think this sort of thing comes from accepting piecemeal modifications into code , without thinking thru their global consequences.
Beat me to it. Thanks.
The longer I’ve been on Linux, the more I understand the concerns raised by BSD users and why they inconvenienced themselves to migrate to those systems.
I suppose you mean that BSD is centrally managed and therefore has some global oversight of code.
An interesting video about this
For anyone interested, I read this on Zdnet this morning.
"To find out if your kernel has been patched against Copy Fail, issue the following command:
dpkg -l kmod grep -qE '^algif_aead ' /proc/modules && echo "Affected module is loaded" || echo "Affected module is NOT loaded"
If your kernel has been patched, you’ll see “Affected module is NOT loaded.” If your kernel has not been patched, you’ll see “Affected module is loaded.”"
My MX OS is runing with kernel 6.12 and I received the message not loaded.