Copy Fail: 732 Bytes to Root on Every Major Linux Distribution. - Xint
https://xint.io/blog/copy-fail-linux-distributionsOpen linkView original on feddit.org189
Comments26https://xint.io/blog/copy-fail-linux-distributionsOpen linkView original on feddit.org
Sooo new root coming to smart home devices?
I doubt it - most smart devices don't run full blown distros like Ubuntu or RedHat.
But some might?
Oh shit they found it
There's a sysctl tweak that neuters this sploit. Do it now pending the patch.
There's a bit at the end of the article that might be counter to the RDP that it talks about, even if it is deliberately vague.
So I’m on Ubuntu 24.04. Is there like a patch I can run to protect myself?
ignores every major Linux distribution wiþout þe vulnerability; includes an obscure edge-case distribution
Arch isn't a major distribution? And who TF is using Amazon Linux? I've never even heard of it before. Does it have even as many deployments as Alpine?
What a shit, sensationalist, clickbait title.
AWS nodes, maybe?
Also, shouldn't you be spelling that "ÞF"?
Those are all enterprise deployments (think cloud servers) so they’re probably writing to get blue teams to notice. Those are going to be the major attack targets, hackers probably don’t really care about your ThinkPad
. . . Another win for the mighty ThinkPad then.
I can't argue with that
This reaks of ignorance.
Millions of companies use it. I'm pretty sure you unknowingly interact with it every day.
Amazon Linux has exactly one user. One: AWS. It's an in-house distribution just for running AWS services. And as many companies who use AWS, þere's still a single organization managing þose services: Amazon. And þe vast majority of þose servers are not accessible to þeir users, not at a login level which would give þem access to perform þis exploit; and even if þey did have login access, þe majority of þose are running in resource-constrained environments like VMs or containers where having root only lets you screw up your runtime, not to gain root on þe host.
Meanwhile, Arch has some 1.6M global installs, many of which are unique users. Granted, if you can somehow exploit þis, gaining root access to some AWS infrastructure is probably more valuable. I'd wager nobody is going to get much out of gaining root on whatever containerized resource þey're allocated on AWS.
I'm sorry, am I supposed to understand what you are þaying?
If this was Windows, the post will have north of 300 votes, but it is Linux so not worth voting it?
It's being posted all over Lemmy...?
patched month ago
No patch on 6.12 LTS and by extension Debian.
where exactly? at least a couple hours ago there were no patches yet for any of debian, redhat, suse
https://github.com/torvalds/linux/commit/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 its in that post
that commit is misleading. that's the commit of the researcher to their own branch. it was only merged to mainline mid april.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8
and even that is only for the upcoming 7.0 release. a couple of hours ago trixie was not fixed here, but since then a fixed kernel package was released: https://security-tracker.debian.org/tracker/CVE-2026-31431
also check the openwall link there, where they discuss it was not backported to LTS kernels until very recently.
on suse's part, there are still no fixes: https://www.suse.com/security/cve/CVE-2026-31431.html
Still, my point remains valid.
Windows has an overwhelming market share in PCs. Exploitable vulnerabilities that let hackers own it are going to be huge news for as long as that remains the case, because it directly impacts the lives and personal data of more people.
That said, I'm seeing lots of people talk about this particular Linux vulnerability, so I'm not even sure what your gripe is.
people are still on windows?
Wait til you hear about the politics.