Copy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.

rabber@lemmy.ca · 25 days ago

Copy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.

Bitflip@lemmy.ml · 25 days ago

Probably because the attack vector is having a user account on the target

nyan@sh.itjust.works · 25 days ago

Exactly. It’s Yet Another Privilege Escalation Vulnerability. Unless you’re dealing with a multiuser machine, the attacker first needs to use some other vuln to get into an unprivileged account. Without that additional vulnerability, this exploit is useless.

solrize@lemmy.ml · 25 days ago

some other vuln

You mean like inveigling it into a pypi or npm or whatever package? Checks out.

Technus@lemmy.zip · 25 days ago

“The exploit is coming from inside the house!”

sakuraba@lemmy.ml · 25 days ago

hey these exploits keep the lights on for some tech youtubers, stop making fun of it!! it is very dangerous!!!

(video titled: LINUX HAS BEEN HACKED, AGAIN?!)

Copy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.

Copy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.

Copy Fail — 732 Bytes to Root