THREATOPS
THREAT OPSThreat News › Copy Fail and DirtyFrag: Linux Page Cache Bugs in the Wild

Copy Fail and DirtyFrag: Linux Page Cache Bugs in the Wild

lowelastic_securityPublished 2026-05-09

<h2>Introduction</h2> <p>Recent Linux kernel privilege escalation vulnerabilities, Copy Fail (CVE-2026-31431) , Copy Fail 2, and DirtyFrag, highlight how subtle page cache corruption bugs can become practical, reliable paths to root. These issues are especially relevant for defenders because exploitation involves legitimate kernel interfaces, local execution, and short proof-of-concept code. Copy

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://www.elastic.co/security-labs/copy-fail-dirtyfrag-linux-page-bugs-in-the-wild