Dirtyfrag: Universal Linux LPE
https://www.openwall.com/lists/oss-security/2026/05/07/8
#HackerNews #Dirtyfrag #UniversalLinux #LPE #LinuxSecurity #Exploit #Vulnerability #OpenSource
CopyFail (CVE-2026-31431) is a high-severity Linux kernel vulnerability -- patches are out now for Rocky Linux 8.10, 9.8, and 10.1.
Any unprivileged local user can escalate to root in seconds. Multi-tenant hosts, containers, and CI runners should prioritize this one.
Fix it with:
sudo dnf --refresh update 'kernel*'
Full write-up on the blog:
https://forums.rockylinux.org/t/copyfail-cve-2026-31431-patches-now-available-for-rocky-linux/20422
#RockyLinux #Linux #OpenSource #LinuxSecurity #CopyFail
TL;DR: A high-severity local privilege escalation vulnerability in the Linux kernel has been publicly disclosed with a working exploit. Patches are available now for Rocky Linux 8.10, 9.7, and 10.1. Update your kernel and reboot.
What happened
On April 29, security researchers from Theori disclosed a Linux kernel vulnerability they named CopyFail, tracked as CVE-2026-31431. The flaw has been present in essentially every mainstream Linux kernel built since 2017. The bug sits in the kernel’s alg...
Ubuntu 26.04 Security Shift
Ubuntu 26.04 LTS brings TPM-backed disk encryption, confidential computing, safer defaults, and more. Here is what matters most.
Heads up: CVE-2026-31431 (Copy Fail) is a kernel crypto vulnerability affecting Rocky Linux. Our community is on it: tracking patches and sharing Rocky-specific guidance as it develops.
If you're running Rocky in production, check the forum thread for the latest:
https://forums.rockylinux.org/t/cve-2026-31431-copy-fail-linux-kernel-crypto-vulnerability/20375/8
#RockyLinux #LinuxSecurity #OpenSource
I added the following line to /etc/default/grub: GRUB_CMDLINE_LINUX="initcall_blacklist=algif_aead_init" then did a sudo grub2-mkconfig -o /boot/grub2/grub.cfg. Upon reboot the exploit no longer works. The failure message is: AttributeError: module 'os' has no attribute 'splice'. You would probably want to revert this change once a patched kernel is released.
AlmaLinux released critical kernel patches to fix Copy Fail (CVE-2026-31431), a high-severity vulnerability. Update your AlmaLinux systems today.
Full details here: https://ostechnix.com/almalinux-copy-fail-cve-2026-31431-fix/
#Copyfail #CVE202631431 #Almalinux #Linuxkernel #Patch #Linuxsecurity
For those using a supported version of Linux Mint, a "kmod" patch that mitigates "Copy.Fail" is available in the system updates:
https://forums.linuxmint.com/viewtopic.php?p=2780569#p2780569
In any case, confirm which version of kmod you have installed with the command "apt list --installed kmod" (without the quotes) in the terminal; if the result is "31+20240202-2ubuntu7.2", you already have the mitigation update.
If you still have doubts, you can check the changes that the installed version of kmod made to your system by running the command "apt changelog kmod" in the terminal; if you see "Disable loading of algif_aead module to mitigate CVE-2026-31431 (LP: #2150743) - debian/modprobe.d/disable-algif_aead.conf", then the mitigation is installed.
Given the current state of the Ubuntu servers, there may be some warnings/errors when you run the Linux Mint Update Manager. If that happens, try updating a little later (I have already seen several computers report that an error occurred and still, right afterwards, show the available updates, including kmod version 31+20240202-2ubuntu7.2).
Linux is your friend.
#LinuxMint #CopyFail #linuxsecurity
🔴 Your Linux Server Just Got Owned
A regular employee just became a root administrator. Nobody gave them permission.
https://www.youtube.com/shorts/jeFQgKHgZNo
#cybersecurity #linuxsecurity #privilegeescalation #patchnow #infosec #hacking #cve #vulnerability #threatintel #security
