Copy Fail: Linux Kernel Bug Roots Every Major Distro #linux #cybersecurity #kernel

A nine-year-old Linux kernel bug just got a public exploit. One Python script under a kilobyte takes any logged-in user to root — on essentially every major distro. Researchers are calling it Copy Fail. It's a logic flaw in the kernel's crypto interface that lets an unprivileged user write four exact bytes into the page cache, where they corrupt the in-memory copy of su to hand out a root shell. Because the page cache is shared across the host, it also crosses container boundaries — a privilege escalation and a container escape in one. Debian, Ubuntu, SUSE, and Amazon Linux have shipped patches; Red Hat initially said it would defer the fix, then walked that back the same week and committed to patching alongside everyone else. Source: https://www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/ More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday.