Items tagged with: copyfail
EVERYONE GETS AN LPE
Windows:
#BlueHammer (#CVE 2026 33825)
#RedSun (#CVE 2026 41091)
#UnDefend (#CVE 2026 45498)
#WindowsInstaller (#CVE 2026 27910):
Linux:
#CopyFail (#CVE 2026 31431)
#SSHKeysignPwn (#CVE 2026 46333)
FreeBSD:
#FatGid (#CVE 2026 45250)
#ExecveBug (#CVE 2026 7270)
Thanks to AI, hackers quickly discovered new vulnerabilities such as CopyFail, DirtyFrag, and Fragnesia. They use LLMs to analyse Linux, finding and exploiting the security flaws faster than ever. The expertise required to hack is at an all-time low.
The Fedora Project decided to explain which precautions are being put in place to protect your system:
🌍 fedoramagazine.org/how-fedora-…
#security #opensource #foss #linux #kernel #fedora #redhat #hacking #ai #llm #coding #copyfail #dirtyflag #fragnesia
How Fedora is responding to recent Kernel vulnerabilities - Fedora Magazine
Learn about the Fedora Project's process for managing package security vulnerabilities, in the context of recent Linux Kernel disclosures. Daniel Milnes (Fedora Project)
Today I have spent way too much time handling the copy.fail situation #copyfail
The persons who discovered it didn't notify the distribution security list, so no patched kernels were available for people to install when they released it.
But they did have time to write an exploit, and thought it was a good idea to distribute that on day one, before vendors had time to provide patches.
I'm not very impressed with xint.io, I guess it's the marketing department that runs the show.
Copy Fail — 732 Bytes to Root
CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code. Xint
RE: infosec.exchange/@patrickcmill…
“The realistic threat chain looks like this. An attacker exploits a known WordPress plugin vulnerability and gets shell access as www-data. They run the copy.fail PoC. They are now root on the host. Every other tenant is suddenly reachable, in the way I walked through in this hack post-mortem. The vulnerability does not get the attacker onto the box; it changes what happens in the next ten seconds after they land there.”
Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)
The most severe Linux threat to surface in years catches the world flat-footed https://arstechnica.com/security/2026/04/as-the-most-severe-linux-threat-in-years-surfaces-the-world-scrambles/ Patrick C Miller :donor: (Infosec Exchange)
Copy Fail (CVE-2026-31431) has just been patched on Debian 13, with kernel version 6.12.85-1 from trixie (security).
A lot of people are apparently happily running a script clearly marked as a root exploit from some random website using curl | bash.
Some do inspect the script, but then still run it using curl | bash anyway.
Incidentally, this very relevant blogpost about detecting curl | bash and serving different scripts based on that is almost exactly a decade old:
web.archive.org/web/2023031806…
Detecting the use of "curl | bash" server side | Application Security
Another reason not to pipe from curl to bash. Detecting curl | bash serverside. web.archive.org
