rabber@lemmy.ca to Linux@lemmy.mlEnglish · 2 months agoCopy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.copy.failexternal-linkmessage-square38fedilinkarrow-up1248cross-posted to: cybersecurity@sh.itjust.workslinux@lemmy.mlsecurity@lemmy.mlcybersecurity@sh.itjust.workslinux@programming.devhackernews@lemmy.bestiver.se
arrow-up1248external-linkCopy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.copy.failrabber@lemmy.ca to Linux@lemmy.mlEnglish · 2 months agomessage-square38fedilinkcross-posted to: cybersecurity@sh.itjust.workslinux@lemmy.mlsecurity@lemmy.mlcybersecurity@sh.itjust.workslinux@programming.devhackernews@lemmy.bestiver.se
minus-squareAatube@piefed.sociallinkfedilinkEnglisharrow-up6·2 months agoThe compressed binary blob is just a 160 B ELF when uncompressed. I don’t think you can do much with that.
minus-squareatzanteol@sh.itjust.workslinkfedilinkEnglisharrow-up10·2 months agoYou could probably write all zeros to a file. Say, /dev/sda?
minus-squarequick_snail@feddit.nllinkfedilinkarrow-up9·2 months agoI bet you could gain root on many old kernels
The compressed binary blob is just a 160 B ELF when uncompressed. I don’t think you can do much with that.
You could probably write all zeros to a file. Say, /dev/sda?
???
profit
I bet you could gain root on many old kernels