---
title: "CVE-2026-31431 Copy Fail Linux LPE Mitigation"
description: "Copy Fail CVE-2026-31431 Linux local privilege escalation mitigation demo showing agentsh blocking AF_ALG with default seccomp socket-family protection."
doc_version: "1.0"
last_updated: "2026-05-18"
canonical: "https://www.agentsh.org/mitigations/demo-cve-2026-31431/"
---

# CVE-2026-31431 Copy Fail LPE Mitigation

## Overview

This mitigation demo shows agentsh blocking the AF_ALG socket family used by the Copy Fail local privilege escalation path. The protected run uses default seccomp socket-family protection, with no custom policy rule required.

## Mitigation

The default agentsh seccomp configuration denies AF_ALG setup while normal networking remains available. The denial happens at the execution layer and is visible in the session audit trail.

## Sitemap

- [Canonical HTML](https://www.agentsh.org/mitigations/demo-cve-2026-31431/)
- [Site map](https://www.agentsh.org/sitemap.md)
- [Full documentation](https://www.agentsh.org/llms-full.md)