I have a mix of Debian and Ubuntu servers. I’ll update manually anyway but for future cases, would unattended-upgrades set to security upgrades run daily be enough to stop this type of issue?
This is a kernel bug; unattended-upgrades will take care of installing the new kernel once the fix is published, but you still have to reboot to load it. I’ve set up a cron job that runs needrestart nightly and reboots my servers if there is a pending kernel upgrade [1].
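A sketch of the nightly check described in the comment above, added here as an example; it is not the commenter's script behind [1]. It assumes needrestart's batch mode (`needrestart -b`) and its `NEEDRESTART-KSTA` status line; the function names, the logger tag and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide on a reboot from needrestart's batch-mode output.
# KSTA values per needrestart's batch-mode documentation:
#   0 = unknown, 1 = no pending upgrade,
#   2 = ABI-compatible upgrade pending, 3 = version upgrade pending.

# Print the NEEDRESTART-KSTA value found on stdin (0 if the line is missing).
kernel_status() {
    awk -F': *' '$1 == "NEEDRESTART-KSTA" { v = $2 } END { print (v == "" ? 0 : v) }'
}

# Exit 0 only when a newer kernel is installed than the one running.
# Unknown status (0) does not trigger a reboot.
reboot_needed() {
    case "$(kernel_status)" in
        2|3) return 0 ;;
        *)   return 1 ;;
    esac
}

# Hypothetical nightly entry point for root's crontab; not called in this demo.
nightly_check() {
    if needrestart -b | reboot_needed; then
        logger -t kernel-reboot "pending kernel upgrade, rebooting"
        systemctl reboot
    fi
}

# Constructed sample output (not captured from a real host).
SAMPLE_PENDING='NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-18-amd64
NEEDRESTART-KEXP: 6.1.0-20-amd64
NEEDRESTART-KSTA: 3'
SAMPLE_CURRENT='NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-20-amd64
NEEDRESTART-KEXP: 6.1.0-20-amd64
NEEDRESTART-KSTA: 1'

for s in "$SAMPLE_PENDING" "$SAMPLE_CURRENT"; do
    if printf '%s\n' "$s" | reboot_needed; then echo "reboot"; else echo "no reboot"; fi
done
```

On a real host, a root crontab entry would call `nightly_check` instead of the sample loop at the bottom.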
For a second I thought this was something bad for my computer. But it is mainly a server permissions issue, it seems. Will patch my server when I’m home though.
It affects any device that can use raw sockets in the kernel. Patch everything.
“mainly”, it is a ‘lower’ priority for single use local computers
What do you mean? If you use Linux on your computer, it’s also relevant. Any program can quietly drop a root shell from any privilege level in 10 lines of Python.
This attack must be run locally. The attacker must already have user access. They can then escalate privileges using this. Meaning your box must already be compromised for this to work. Still serious, but no need to panic in most cases.

/c/selfhosted moment
Sure, don’t patch a quiet and easy root shell escalation because it is, by itself, not a remote exploit. I sure do hope you trust every single piece of software running on your computer.






