732 Bytes to Root. One Hour of Scan Time.
Up next
Author
Share article
The post has been shared by 0 people.
Facebook 0
X (Twitter) 0
Pinterest 0
Mail 0

📊 Full opportunity report: 732 Bytes to Root. One Hour of Scan Time. on ThorstenMeyerAI.com — validation score, market gap, and execution plan.

TL;DR

Theori uncovered a universal Linux privilege escalation bug, ‘Copy Fail,’ after only one hour of AI-driven scanning. This discovery drastically lowers the cost of zero-day exploits, threatening enterprise security models.

Theori, an offensive security firm, publicly disclosed a critical Linux kernel privilege escalation vulnerability, ‘Copy Fail,’ after identifying it through AI scanning in approximately one hour. This discovery signifies a fundamental shift in the security landscape, as the cost to find such vulnerabilities has plummeted from hundreds of thousands or millions of dollars to mere hours of compute time.

The ‘Copy Fail’ bug affects all major Linux distributions since July 2017, including Ubuntu, RHEL, Debian, Fedora, and Arch. It exploits a logic flaw in the kernel’s algif_aead socket interface, allowing attackers to write into cached pages and escalate privileges to root without altering on-disk files or requiring race conditions. The exploit, a 732-byte Python script, can be run on any compatible kernel with minimal setup, and yields root access within seconds.

The discovery was made by Theori’s Xint Code AI system, which identified the vulnerability with just about an hour of scan time and a single operator prompt, without additional harnessing or manual effort. The exploit is portable across architectures and container boundaries, including cloud environments like Kubernetes, CI/CD runners, and shared-kernel cloud services. Hardware or VM boundaries remain secure, but namespace boundaries do not.

This event marks a dramatic reduction in the cost of discovering high-severity Linux vulnerabilities, previously valued at hundreds of thousands to millions of dollars on the gray market, now effectively costing the price of an hour of compute time. The implications threaten to upend existing security assumptions and patching strategies.

732 Bytes to Root. One Hour of Scan Time.
DISPATCH / MAY 2026 SECURITY · COPY FAIL · MYTHOS · COST CURVE COLLAPSE
▲ CVE-2026-31431 CVSS 7.8 · HIGH · KEV LISTED
Software Security · Cost-Curve Collapse

732 bytes to root.
One hour of scan time.

Copy Fail, Mythos Preview, and the collapse of the cost curve software security was built on.

On April 29, Theori disclosed CVE-2026-31431 — Copy Fail. A 732-byte Python script gets root on every major Linux distribution since 2017. Zero races, zero per-distro tuning. Bugs in this class historically sold for $500K-$7M. Xint Code surfaced it in ~1 hour of scan time, one prompt, no harnessing. The cost curve software security operated on for three decades has just collapsed.

Thorsten Meyer / ThorstenMeyerAI.com / May 2026
▲ THE COST-CURVE COLLAPSE
Before
$500K
– $7M
Zerodium · Crowdfense
broker market price
Now
~1 hr
compute
Xint Code · one prompt
no harnessing
The structural read
Universal Linux LPE primitive. The exact category that historically sold for the price of a house. An AI system surfaced one in about an hour. The market price of a universal LPE has collapsed by 5-7 orders of magnitude.
732bytes
Copy Fail · Python exploit
os + socket + zlib · stdlib only · portable across distros
9years
Bug latency · introduced 2017
Commit 72548b093ee3 · nobody looked carefully enough
73%
Mythos Preview · expert-level CTF
AISI eval · no model could do this before Apr 2025
1000s
Zero-days Mythos found in testing
99%+ unpatched · every major OS and browser
CVE-2026-31431 COPY FAIL · CVSS 7.8 HIGH · UBUNTU · AMAZON LINUX · RHEL · SUSE · DEBIAN · FEDORA · ARCH PORTABLE 732-BYTE PYTHON · NO RACES · NO PER-DISTRO OFFSETS · CONTAINER ESCAPE PRIMITIVE DISCOVERY ~1 HOUR OF SCAN TIME · ONE OPERATOR PROMPT · NO HARNESSING · XINT CODE MYTHOS PREVIEW WITHHELD BY ANTHROPIC · STEP-CHANGE CYBER CAPABILITY · PROJECT GLASSWING PRICE COLLAPSE ZERODIUM $500K · CROWDFENSE $10K-$7M · NOW: HOUR OF INFERENCE COMPUTE PATCH CYCLE THE INDUSTRY’S OPERATING MODEL WAS BUILT ON THE OLD COST CURVE CVE-2026-31431 COPY FAIL · 732 BYTES TO ROOT ON EVERY LINUX DISTRIBUTION SINCE 2017
CVE-2026-31431 · Copy Fail · the specifics

The bug. The exploit. The discovery.

A logic flaw in algif_aead. The 2017 in-place optimization that nobody looked at hard enough. A 732-byte Python script that gets root on every Linux distribution since. Found by an AI in about an hour.

Copy Fail · technical anatomy
Logic flaw · straight-line · no races · portable across distributions and architectures.
▲ THE BUG
Logic flaw in algif_aead
authencesn template · 4-byte scratch write. Output scatterlist extends into chained page cache pages via sg_chain(). The 4-byte write lands inside the spliced file’s cached pages in memory, bypassing file permissions.
▲ THE EXPLOIT
732 bytes · stdlib only
Python 3.10+, os + socket + zlib. Repeats primitive at successive offsets to stage shellcode into cached pages of /usr/bin/su. Running su after yields root shell. On-disk file unchanged · checksum verification doesn’t detect it.
▲ THE SCOPE
Every Linux since 2017
Kernel 4.14+ · all major distributions. Ubuntu, Amazon Linux 2023, RHEL 10.1, SUSE 16, Debian, Fedora, Arch. Container-to-host escape · page cache shared on host. Hardware/VM boundaries hold (Firecracker, gVisor, V8 isolates). Namespace boundaries fail.
▲ THE DISCOVERY
~1 hour · Xint Code
Theori writeup: “surfaced by Xint Code about an hour of scan time against the Linux crypto/ subsystem, with one operator prompt, no harnessing.” Theori is a 9× DEF CON CTF winner. Default assumption: they did exactly that.
Historical price for a bug like this: $500K–$7M on the broker market. AI discovery cost: ~1 hour of inference compute.
The Mythos signal · context for the capability
Amazon

Linux kernel vulnerability scanner

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

This is not an isolated event.

Three weeks before Copy Fail, Anthropic published the system card for Claude Mythos Preview — the model they built and chose not to release because its cybersecurity capabilities were “a step-change.” Mythos is withheld. Copy Fail is what happens when equivalent capability operates outside the withholding framework.

Mythos Preview · the publicly disclosed capability frontier
Same capability category as Xint Code. Different deployment context. Withheld for cybersecurity reasons specifically.

The prompt Anthropic used to discover vulnerabilities with Mythos “essentially amounted to ‘Please find a security vulnerability in this program.'” Engineers with no formal security training generated complete, working exploits.

1000szero-days
Thousands of high-severity zero-days found during evaluation. Over 99% reportedly not yet patched. Every major operating system and web browser.
Anthropic
system card
27years
27-year-old OpenBSD bug autonomously discovered. OpenBSD’s reputation rests on security. Also: 16-year-old FFmpeg H.264 codec flaw.
Hacker News
April 8
4-chain
Autonomous browser exploit chaining four vulnerabilities to escape both renderer and OS sandboxes. One prompt. No harnessing.
Anthropic
red team
73%success
Expert-level CTF success rate. No model could complete these before April 2025. AISI’s progressive evaluations.
UK AISI
evaluation
32steps
“The Last Ones” (TLO) corporate network attack simulation. 20 hours for human experts. Mythos completes it; no other frontier model has.
UK AISI
TLO benchmark
“find it”
Prompt complexity required: “Please find a security vulnerability in this program.” Engineers with no security training produced working exploits.
Alan Turing
Institute
Three assumptions broken · what the industry was built on
Amazon

privilege escalation testing tools

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Three cost-curve assumptions. All broken.

Software security operated for three decades on a set of implicit cost-curve assumptions. Worth making them explicit, because they have just changed. Patch cycles, CVE prioritization, responsible disclosure, vulnerability budgets — all built on these foundations.

The three broken assumptions
The model the entire software-security industry was built on. No longer empirically accurate.
01was assumed
Finding kernel-grade bugs is expensive
Supply bounded by ~200-500 senior researchers globally. Aggregate output of perhaps 500-3000 high-severity bugs per year. Patch cycles, CVE prioritization, all designed around this rough supply.
BROKEN · now compute-bounded
02was assumed
Attackers and defenders face the same cost curve
Both rely on skilled humans. Attackers had asymmetric advantages, but underlying cost of new bug discovery was roughly equal. Responsible disclosure framework was designed around this rough parity.
PARTIAL · volume scales offensive side first
03was assumed
Disclosure provides response time
90-day coordinated disclosure window assumed weaponizing public disclosure required additional skilled work. Days to weeks before exploitation became widespread.
BROKEN · compressed to days
What to do now · defensive response by priority
Amazon

Linux security penetration testing kit

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

The institutional response window is open but narrowing.

Specific operational implications for CISOs, security teams, and enterprise software architects. The 12-24 month window where defenders can pre-empt attackers using AI-driven discovery is open. It will not be open indefinitely.

Defensive response · five operational priorities
Ordered by urgency given current threat landscape and observable exploitation timelines.
Shared-kernel
multi-tenancythreat-model update
If your isolation depends on shared-kernel containers, the threat model needs a hardware-or-VM boundary. Copy Fail and successors are in the wild. Hardware boundaries hold; namespace boundaries fail. Kubernetes nodes running untrusted workloads need per-tenant hardware isolation or accept materially higher escape risk.
URGENT
this week
Patch cycle
infrastructurevolume planning
30-day patch SLA for critical vulnerabilities will break under volume. Build infrastructure for faster evaluation, faster automated deployment, faster rollback. Patch infrastructure that worked under historical CVE volume will not work under AI-driven CVE volume.
URGENT
30 days
Attack surface
minimizationkernel modules
Audit AF_ALG-class attack surfaces specifically. Apply CERT-EU mitigation: echo "install algif_aead /bin/false" >> /etc/modprobe.d/disable-algif-aead.conf. Minimize kernel surface exposed to unprivileged processes. Always good practice; now urgent.
HIGH
this month
Internal AI-driven
vulnerability discoverydefensive tooling
The capability is symmetric — defenders can use the same tools attackers use. Most enterprises haven’t deployed this. The 12-24 month window where defenders can pre-empt attackers using AI-driven discovery is open. Start internal evaluation now.
HIGH
quarter
Architect for
breach assumptiondetect & contain
Assume some fraction of components are compromised. Network segmentation, least-privilege everywhere, robust logging, incident response infrastructure. “Prevent breaches” framing is outdated; “detect and contain breaches” is the durable operating model.
MEDIUM
year
Stakeholder implications · four audiences
Amazon

cybersecurity vulnerability detection software

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Four audiences. Different obligations.

CISOs · software publishers · policymakers · the public. Each role faces structurally different decisions in the 18-36 month window.

Stakeholder implications · by audience
The cost-curve collapse propagates differently through different institutional contexts.
▲ FOR CISOs
+ SECURITY TEAMS
Threat model needs hardware-boundary isolation.
Shared-kernel multi-tenancy is now a riskier default than it used to be. Update patch cycle assumptions for higher volume. Deploy AI-driven defensive discovery internally before attackers reach equivalent capability. The 12-24 month window where defenders can move first is open.
▲ FOR SOFTWARE
PUBLISHERS
Run AI-driven discovery against your codebase before attackers do.
If your code has Copy Fail-class bugs, AI-driven discovery will find them — by you or by someone else. Marginal cost of running discovery internally is now low. Failure to run it is failure to perform basic due diligence. Expect regulatory requirement within 24 months.
▲ FOR
POLICYMAKERS
Regulatory frameworks need substantial revision.
EU Cyber Resilience Act, NIST 800-218, FDA premarket security, SEC cyber-incident disclosure — all designed for pre-AI-driven-discovery regime. Update within 18-36 months. Require AI-driven discovery in pre-deployment validation for critical software. Address bug bounty market collapse. Coordinate defensive capability for public-interest purposes.
▲ FOR
EVERYONE ELSE
Patch faster. Architect for breach.
Aggregate “unpatched vulnerability” metrics will grow rather than shrink even as patch cadence accelerates — denominator is growing faster than numerator. Personal computing exposure rises. The cost of compute will go up to accommodate the security cost. Hardware-isolated cloud workloads become the new default.

Copy Fail is the public proof. 732 bytes of Python. One hour of scan time. Every Linux distribution since 2017. The cost-curve collapse is operational. The institutional response window is open but narrowing.

— Software security · the cost-curve collapse · May 2026
Source dossier · the receipts
  • Theori / Xint Code · Copy Fail: 732 Bytes to Root on Every Major Linux Distribution · xint.io/blog/copy-fail-linux-distributions · Apr 29 2026
  • CVE-2026-31431 · NVD · CVSS 7.8 (High) · CISA KEV listed
  • Microsoft Security Blog · CVE-2026-31431: Copy Fail enables Linux root privilege escalation across cloud environments · May 1 2026
  • Sysdig Threat Research · Copy Fail Linux kernel flaw lets local users gain root in seconds
  • CERT-EU 2026-005 · High Vulnerability in the Linux Kernel (“Copy Fail”)
  • Tenable Research Special Operations · Copy Fail FAQ · Apr 30 2026
  • Bugcrowd · What we know about Copy Fail (CVE-2026-31431)
  • Anthropic · Claude Mythos Preview System Card · Apr 7 2026
  • Anthropic · Project Glasswing partner consortium announcement
  • UK AI Security Institute · Our evaluation of Claude Mythos Preview’s cyber capabilities
  • The Hacker News · Anthropic’s Claude Mythos Finds Thousands of Zero-Day Flaws · Apr 8 2026
  • Centre for Emerging Technology and Security (Turing) · Claude Mythos cybersecurity analysis
  • Zerodium published price list · pre-2025 shutdown
  • Crowdfense acquisition program ranges · 2026
  • Theori · 9× DEF CON CTF history as MMM + PPP + Maple Bacon
  • DARPA AI Cyber Challenge · 2025 finals
  • The Coding Singularity Outside Read · related capability analysis
  • The Forecast Is the Plan · corporate commitment cascade
Colophon

Set in Source Serif 4, IBM Plex Sans, & IBM Plex Mono. The security-advisory aesthetic. Free to embed with attribution.

thorstenmeyerai.com

Software security · the cost-curve collapse · May 2026

732 bytes · 1 hour · 9 years · every distribution

Implications for Security Cost Models and Defense Strategies

The rapid discovery of ‘Copy Fail’ with minimal effort underscores a fundamental change: the cost of finding and weaponizing zero-day vulnerabilities has collapsed. Historically, the high expense of discovering such bugs created a supply constraint, giving defenders a relative advantage. Now, with AI-driven tools capable of uncovering critical bugs in hours, the supply of zero-days could increase exponentially, overwhelming patching and detection efforts.

This shift raises concerns about a potential surge in zero-day disclosures, similar to a ‘Y2K’ event for enterprise security, where the volume of vulnerabilities could outpace mitigation capacity. Security leaders, policymakers, and software vendors must reconsider vulnerability management, patching priorities, and threat modeling to adapt to this new landscape.

Evolution of Linux Kernel Vulnerabilities and AI Impact

Prior to ‘Copy Fail,’ Linux kernel privilege escalation bugs like Dirty Cow and Dirty Pipe required complex conditions, race conditions, or version-specific tuning, making them difficult to discover and exploit reliably. These bugs commanded high prices on the gray market, reflecting their rarity and difficulty.

Theori’s discovery coincides with the publication of Anthropic’s Claude Mythos Preview, which revealed AI models capable of uncovering thousands of zero-day vulnerabilities during testing. The combination of these signals indicates a trend: AI tools are now capable of rapidly and reliably identifying critical security flaws, fundamentally altering the traditional cost and supply dynamics of zero-day exploits.

This development suggests a paradigm shift in software security, where the barrier to discovering high-impact bugs is no longer resource-intensive but can be achieved with minimal compute and prompt engineering.

“In about one hour of scan time, our system identified a universal privilege escalation bug affecting all major Linux distributions since 2017.”

— Theori spokesperson

Remaining Uncertainties About ‘Copy Fail’ Exploit and Impact

It is not yet clear how widely exploited the ‘Copy Fail’ vulnerability will become, or how quickly patches will be developed and deployed across affected distributions. The full scope of container and cloud environment impacts remains under assessment, especially regarding namespace and hardware boundary protections. Additionally, the extent to which AI tools will be adopted at scale for vulnerability discovery is still uncertain, as is the potential for adversaries to develop similar or more advanced exploits.

Next Steps for Security Communities and Policy Makers

Security vendors and open-source projects are expected to prioritize patching and mitigation strategies for ‘Copy Fail’ and similar vulnerabilities. Policymakers may need to revisit vulnerability disclosure frameworks and consider regulation around AI-assisted vulnerability discovery. Meanwhile, enterprise security teams should evaluate their patch management processes and prepare for a potential surge in zero-day disclosures, emphasizing rapid response and threat intelligence integration.

Research into AI-driven vulnerability detection will likely accelerate, with the industry monitoring how quickly patches are rolled out and how adversaries adapt. The next 12-24 months will be critical in determining whether defenders can keep pace with the evolving threat landscape.

Key Questions

How does the ‘Copy Fail’ exploit work?

‘Copy Fail’ exploits a logic flaw in the Linux kernel’s crypto API, allowing an attacker to write into cached pages and escalate privileges to root without changing disk files or relying on race conditions. It uses a simple, portable Python script that can be run on any affected kernel.

What is the significance of AI scanning in this discovery?

Theori’s AI system identified the vulnerability in about an hour with minimal manual input, demonstrating that AI-driven vulnerability scanning can drastically reduce the time and cost required to find critical bugs in complex software.

Will this lead to more zero-day exploits being discovered?

Yes, the ability of AI tools to rapidly identify vulnerabilities suggests that the supply of zero-day exploits could increase significantly, challenging existing security defenses and patching practices.

Are all Linux systems vulnerable?

All Linux kernels built since July 2017 are affected, including most major distributions. Hardware boundaries and certain container environments remain protected, but namespace boundaries do not.

What should organizations do now?

Organizations should prioritize patching affected systems, enhance monitoring for exploit activity, and prepare for increased vulnerability disclosures. Collaboration with security vendors and rapid deployment of updates will be critical in the coming months.

Source: ThorstenMeyerAI.com

You May Also Like
Hackers abuse Google ads, Claude.ai chats to push Mac malware

Hackers abuse Google ads, Claude.ai chats to push Mac malware

Cybercriminals are abusing Google Ads and shared Claude.ai chats to deliver malware to Mac users, bypassing traditional detection methods in a targeted campaign.
I designed a nibble-oriented CPU in Verilog to build a scientific calculator

I designed a nibble-oriented CPU in Verilog to build a scientific calculator

A developer has designed a fully functional scientific calculator using a custom nibble-oriented CPU in Verilog, implemented on an FPGA with supporting tools.
'No way to prevent this,' says only package manager where this regularly happens

‘No way to prevent this,’ says only package manager where this regularly happens

Developers acknowledge the impossibility of preventing supply chain attacks in npm, citing reliance on unvetted packages and inherent ecosystem vulnerabilities.
Amazon’s ultrafast 30-minute deliveries are now available in more cities

Amazon’s ultrafast 30-minute deliveries are now available in more cities

Amazon Now’s ultrafast 30-minute delivery service is now available in additional cities across the U.S., enhancing rapid shopping options for Prime members.