rabber@lemmy.ca to Linux@lemmy.mlEnglish · 2 days agoCopy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.copy.failexternal-linkmessage-square37linkfedilinkarrow-up1242arrow-down11cross-posted to: selfhosted@lemmy.worldselfhosted@lemmy.worldtechnology@lemmy.worldcybersecurity@sh.itjust.workslinux@lemmy.mllinux@programming.devcybersecurity@infosec.pubcybersecurity@sh.itjust.workssecurity@lemmy.ml
arrow-up1241arrow-down1external-linkCopy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.copy.failrabber@lemmy.ca to Linux@lemmy.mlEnglish · 2 days agomessage-square37linkfedilinkcross-posted to: selfhosted@lemmy.worldselfhosted@lemmy.worldtechnology@lemmy.worldcybersecurity@sh.itjust.workslinux@lemmy.mllinux@programming.devcybersecurity@infosec.pubcybersecurity@sh.itjust.workssecurity@lemmy.ml
minus-squareAatube@piefed.sociallinkfedilinkEnglisharrow-up5arrow-down1·2 days agoThe compressed binary blob is just a 160 B ELF when uncompressed. I don’t think you can do much with that.
minus-squarequick_snail@feddit.nllinkfedilinkarrow-up8·2 days agoI bet you could gain root on many old kernels
minus-squareatzanteol@sh.itjust.workslinkfedilinkEnglisharrow-up9·2 days agoYou could probably write all zeros to a file. Say, /dev/sda?
The compressed binary blob is just a 160 B ELF when uncompressed. I don’t think you can do much with that.
I bet you could gain root on many old kernels
You could probably write all zeros to a file. Say, /dev/sda?
???
profit