Back

Huawei Investigates Local Privilege Escalation Vulnerability CVE-2026-31431

Severity: High (Score: 66.5)

Sources: Huawei

Summary

Huawei has initiated an investigation into a local privilege escalation vulnerability identified as CVE-2026-31431, which affects the Linux Kernel. This vulnerability, known as 'Copy Fail,' allows attackers to escalate privileges to root or escape containers. The CVE was published on April 22, 2026, and was added to the CISA Known Exploited Vulnerabilities list on May 1, 2026, indicating active exploitation. A proof of concept (PoC) for this vulnerability was released publicly on April 30, 2026. Huawei's Product Security Incident Response Team (PSIRT) is actively monitoring the situation and will provide updates as they become available. The scope of the impact is significant, given the potential for root access and container escape. Users of affected systems are advised to stay informed about updates from Huawei. The investigation is ongoing, and no patch has been released yet. Key Points: • CVE-2026-31431 allows local privilege escalation on Linux Kernel. • Active exploitation confirmed as of May 1, 2026, with a public PoC released. • Huawei PSIRT is investigating and will provide updates on the vulnerability.

Key Entities

  • Zero-day Exploit (attack_type)
  • Huawei (company)
  • CVE-2026-31431 (cve)
  • CWE-269 - Improper Privilege Management (cwe)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • Linux (platform)
  • Linux kernel (platform)
  • Copy Fail (vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed