rabber@lemmy.ca to Linux@lemmy.mlEnglish · 21 hours agoCopy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.copy.failexternal-linkmessage-square33fedilinkarrow-up1214arrow-down10cross-posted to: cybersecurity@sh.itjust.worksselfhosted@lemmy.worldlinux@lemmy.mltechnology@lemmy.worldlinux@programming.devcybersecurity@sh.itjust.workshackernews@lemmy.bestiver.se
arrow-up1214arrow-down1external-linkCopy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.copy.failrabber@lemmy.ca to Linux@lemmy.mlEnglish · 21 hours agomessage-square33fedilinkcross-posted to: cybersecurity@sh.itjust.worksselfhosted@lemmy.worldlinux@lemmy.mltechnology@lemmy.worldlinux@programming.devcybersecurity@sh.itjust.workshackernews@lemmy.bestiver.se
minus-squareAatube@piefed.sociallinkfedilinkEnglisharrow-up5arrow-down1·17 hours agoThe compressed binary blob is just a 160 B ELF when uncompressed. I don’t think you can do much with that.
minus-squarequick_snail@feddit.nllinkfedilinkarrow-up8·10 hours agoI bet you could gain root on many old kernels
minus-squareatzanteol@sh.itjust.workslinkfedilinkEnglisharrow-up8·15 hours agoYou could probably write all zeros to a file. Say, /dev/sda?
The compressed binary blob is just a 160 B ELF when uncompressed. I don’t think you can do much with that.
I bet you could gain root on many old kernels
You could probably write all zeros to a file. Say, /dev/sda?
???
profit