>A high-severity logic bug in the Linux kernel allows unprivileged attackers to write code to other files’ memory and obtain root shell, cybersecurity firm Theori reports.>Tracked as CVE-2026-31431 (CVSS score of 7.8) and dubbed Copy Fail, the issue is believed to affect all Linux distributions since 2017.>The security defect impacts the kernel’s authencesn Authenticated Encryption with Associated Data (AEAD) template, which IPsec uses for Extended Sequence Number (ESN) support.>According to Theori, the issue is that Linux places page cache pages in a writable scatterlist, that authencesn uses the caller’s destination scatterlist as scratch space, and that a 2017 optimization put page cache pages in the writable scatterlist.>When performing byte rearrangement in the scratch space, authencesn makes a call that writes four bytes of code past the AEAD tag, into the cached copy of another file.>Copy Fail allows an attacker with local code execution privileges to modify the in-memory copy of any setuid-root binary readable by the user, thus achieving root shell access, Theori explains.
It was already patched like a month ago
>>108725677>wow, I ran some random script from the internet on my machine>wow, it's hacked nowfuck off.
>>108725741Why do you take it personally?
>>108725754Why do you keep spamming these threads? Better question, why are you a faggot?
>The attacker needs a normal user account on the machine
Linux is harder to hack because there is so many variations of it, not because it's flawless.
>>108725677>Oh no, a vulnerability that can be blocked with a single terminal command.>Some versions of the kernel have already been patched, others are in the pipelineLiteral nothingburger.
>>108725704>>108725839>>108726146You don't get it, it's over for Linux. We need to burn all the servers with lighter fluid so the bad data isn't on the internet.
>>108725677Doesn't work on my machine.t. Linux 6.18.22
>>108725677use qubes. xen is 100k loc and very easily audited. why bither with one os. its a single point of failure
>>108728696Systemd wouldn't be the problem it is now if Linux hadn't gone mainstream
>>108725677This isn't an RCE. This is just privilege escalation if you already have limited access, so literally doesn't matter to 99% of you
I'd love it if any of these privilege escalations that came out were actually good. Unlike the nasty ones that hit Windows they are already patched and cleaned up by the time a PoC hits.
>>108728696>LoC as an argument in current dateWe had heartbleed because a moron deleted code, he didn't understand.
>>108725677>LOCAL EXPLOITNOTHINGBURGER YOU NIGGER
>>108725843This. To run malware on Linux, you need to meet dependencies first, and there is still a chance that execution of a virus will fail because file not found file not found file not found...
>>108726955You're a retard.Do the world a favour and kill yourself.
>>108729712I hope you just hate me for using a tripcode and not because you don't understand obvious sarcasm.
>>108725677How does this affect Android? There's millions of devices out there that will never be updated.More importantly, how do I use this to steal nudes from women? I already asked this with the supposedly world-ending WebM exploit of 2023 and it couldn't ve done, so I don't give a fuck.
>>108725677doesn't affect me www
>>108728696>compares a hypervisor to a full OSidiot.
>>108725677>an attacker with local code execution privilegesSo in other words, if you run malicious code on your machine you get rekt. Who would've thought?
>>108725677>vulnerability was introduced in 2017by who?
>>108730711*by whom
>>108730711the git repo is available for download.
>>108730570yeah, qubesos runs on the hypervisor. for true opsec you need qubes. too bad the networking/usb configuration on it is so retarded
>>108731147xen just adds complexity and then runs a full OS on top. that helps some things, but it doesn't reduce the complexity or lines of code you're running.
>>108731201it makes it so that even if compromised, only at most an app vm can get offed. you would have to be retarded to get a template compromised
