Read-only checker for CVE-2026-31431 (algif_aead local root). Reports kernel/module state and suggests mitigations.
Read-only checker for CVE-2026-31431 (algif_aead local root). Reports kernel/module state and suggests mitigations.
Read-only checker for CVE-2026-43284 / CVE-2026-43500 (Dirty Frag) Linux kernel local-root vulns
This script will attempt to mitigate the copy_fail attack. CVE-2026-31431
A Rust honeypot that simulates a vulnerable cPanel/WHM instance for CVE-2026-41940
Dirty Frag (CVE-2026-43284/43500) - Linux Kernel LPE Deep Technical Analysis by Bomb
Vulnerability detection and mitigation tool for Copy Fail and Dirty Frag bugs (CVE-2026-31431, CVE-2026-43284, CVE-2026-43500)
Linux Kernel Local Privilege Escalation
Kernel LPE PoC & Mitigation Toolkit - ROSN-LR5-Full (CVE-2026-31431)
Detector + PoC for Linux page-cache write vulnerabilities: Copy Fail (CVE-2026-31431) and Dirty Frag (CVE-2026-43284/43500). Authorized security research only.
Wazuh 4.14.4 detection rules for CVE-2026-43284 / CVE-2026-43500 (Dirty Frag) - Linux Local Privilege Escalation via page cache write
Simple Ansible Playbook to mitigate against CopyFail (CVE-2026-31431) and DirtyFrag (CVE-2026-43284) vulnerabilities.
Runtime integrity guard that detects and blocks Linux page cache tampering attacks (Copy Fail CVE-2026-31431, Dirty Pipe, Dirty COW) at execution time. Uses fanotify + O_DIRECT to protect SUID/SGID binaries from privilege escalation via page cache corruption.
CVE-2026-31431 ("Copy Fail") vulnerability detector & exploit
CVE-2026-31431 in C for aarch64 and amd64
Paranoid disable Linux IPsec ESP support (esp4/esp6) and RxRPC support.
A proof-of-concept demonstrating how a default, unprivileged Kubernetes Pod can achieve node-level code execution on Amazon EKS by exploiting the Dirty Frag (CVE-2026-43284) Linux kernel page-cache corruption vulnerability through shared container image layers.
One-liner Python LPE for CVE-2026-31431 (CopyFail2). No compilation, no dependencies beyond Python+OpenSSL. Just curl | python3 and get root on Linux 6.5+.
cve-2026-41940 cPanel/WHM Authentication Bypass - Detection Artifact Generator