CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
I agree. This seems fishy to me. I am concerned about compressed code in a public disclosure like this. Also it seems like all the documentation was written by AI.
Very quick cursory review: The python script appears to decompress what might be an ELF from those compressed bytes. Then it opens a cryptography socket (AF_ALG) with the kernel and sends that whole thing.
So the exploit is in the binary data and would likely take some skilled Linux engineers to decompile it and figure out the exploit.
I’m not entirely sure why they would obfuscate it. Maybe they think it helps with responsible disclosure so people can’t make something more useful than the PoC?
The Python script to check if you are vulnerable is extremely suspicious and hard to decipher.
I agree. This seems fishy to me. I am concerned about compressed code in a public disclosure like this. Also it seems like all the documentation was written by AI.
The entire page is an advertisement for an AI tool that helped uncover it. Guess that’s the demonstration on how it augments a report.
Very quick cursory review: The python script appears to decompress what might be an ELF from those compressed bytes. Then it opens a cryptography socket (
AF_ALG) with the kernel and sends that whole thing.So the exploit is in the binary data and would likely take some skilled Linux engineers to decompile it and figure out the exploit.
I’m not entirely sure why they would obfuscate it. Maybe they think it helps with responsible disclosure so people can’t make something more useful than the PoC?
deleted by creator
Someone over on lobste.rs has deobfuscated it, code can be found here