wh1sky02/copy-fail-python

# Copy Fail — Python PoC (CVE-2026-31431) This is a compact Python proof-of-concept for **Copy Fail** ([CVE-2026-31431](https://nvd.nist.gov/vuln/detail/CVE-2026-31431)), a Linux kernel local privilege escalation via `AF_ALG` and `splice()` that corrupts the page cache of a readable file such as `/usr/bin/su`. It is based on the [Theori PoC](https://github.com/theori-io/copy-fail-CVE-2026-31431), extended with `ctypes` splice for **Python 3.7+** compatibility and a **`/bin/bash`** root shell instead of `/bin/sh`. Run it on a vulnerable Linux host with `python3 copy_fail_exp.py`. It requires only the Python standard library, read access to the target binary, and a kernel in the affected range (roughly 4.9 through 6.18). **Disclaimer:** For authorized testing and education only. Do not use on systems without permission. **References:** [Theori writeup](https://github.com/theori-io/copy-fail-CVE-2026-31431) · [CVE-2026-31431](https://nvd.nist.gov/vuln/detail/CVE-2026-31431)