nyan

joined 2 years ago
sorted by: new top controversial old
Copy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms. in c/linux@lemmy.ml
[–] nyan@sh.itjust.works 6 points 1 day ago

Well, it often feels like every "Linux security issue" flagged in the tech press is a privilege escalation, but I admit that I haven't sat down and done the math.

Copy Fail (CVE-2026-31431) is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms. in c/linux@lemmy.ml
[–] nyan@sh.itjust.works 26 points 1 day ago (5 children)

Exactly. It's Yet Another Privilege Escalation Vulnerability. Unless you're dealing with a multiuser machine, the attacker first needs to use some other vuln to get into an unprivileged account. Without that additional vulnerability, this exploit is useless.

Three years of Rusty sudo - Trifecta Tech Foundation in c/linux@lemmy.ml
[–] nyan@sh.itjust.works 5 points 1 day ago

We don't talk about 1997. It might hear. 😱