Close Menu
    What's Hot

    Almost Half of House Democrats Vote to End Aid to Israel

    UK proposes voluntary overnight social media curfew for older teens | Social Media News

    Hong Kong Police Raid Independent Bookstores and Arrest 5

    Facebook X (Twitter) Instagram
    Trending
    • Almost Half of House Democrats Vote to End Aid to Israel
    • UK proposes voluntary overnight social media curfew for older teens | Social Media News
    • Hong Kong Police Raid Independent Bookstores and Arrest 5
    • Applied Computing wants to give oil and gas operators an AI model for the entire plant
    • Panama officials visit Beijing in bid to end shipping row
    • The rating reforms needed to tackle private credit’s vulnerabilities
    • National Beverage Stock Is At The Lows For Good Reason (NASDAQ:FIZZ)
    • A better way to turn 2D designs into 3D models for rapid prototyping | MIT News
    interluknewsinterluknews
    • Home
    • Business
      • Corporate News
      • Industry Insights
      • Startups & Entrepreneurship
      • Technology & Innovation
    • Economy
      • Economic Policy
      • Financial Analysis
      • Inflation & Interest Rates
      • Trade & Markets
    • Global
      • Conflicts & Security
      • Diplomacy
      • Global Trends
      • International Affairs
    • Lifestyle
      • Fashion
      • Food & Dining
      • Personal Development
      • Travel
    • Opinion
      • Columns
      • Editorials
      • Expert Opinions
      • Reader Voices
    • More
      • Politics
        • Elections
        • Government & Policy
        • International Relations
        • Political Analysis
      • Sports
        • Cricket
        • Football / Soccer
        • International Sports
        • Local Sports
      • Technology
        • Artificial Intelligence
        • Cybersecurity
        • Gadgets & Reviews
        • Tech News
      • South Africa News
    Facebook X (Twitter) Instagram
    interluknewsinterluknews
    Tech News

    Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers

    adminBy adminMay 1, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest Copy Link Telegram LinkedIn Tumblr Email
    Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers and on personal devices.

    The vulnerability and exploit code that exploits it were released Wednesday evening by researchers from security firm Theori, five weeks after privately disclosing it to the Linux kernel security team. The team patched the vulnerability in versions 7.0, 6.19.12, 6.18.12, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254) but few of the Linux distributions had incorporated those fixes at the time the exploit was released.

    A Single Script to Hack Them All

    The critical flaw, tracked as CVE-2026-31431 and the name CopyFail, is a local privilege escalation, a vulnerability class that allows unprivileged users to elevate themselves to administrators. CopyFail is particularly severe because it can be exploited with a single piece of exploit code—released in Wednesday’s disclosure—that works across all vulnerable distributions with no modification. With that, an attacker can, among other things, hack multi-tenant systems, break out of containers based on Kubernetes or other frameworks, and create malicious pull requests that pipe the exploit code through CI/CD work flows.

    “‘Local privilege escalation’ sounds dry, so let me unpack it,” researcher Jorijn Schrijvershof wrote Thursday. “It means: An attacker who already has some way to run code on the machine, even as the most boring unprivileged user, can promote themselves to root. From there they can read every file, install backdoors, watch every process, and pivot to other systems.”

    Schrijvershof added that the same Python script Theori released works reliably for Ubuntu 22.04, Amazon Linux 2023, SUSE 15.6, and Debian 12. The researcher continued:

    Why does that matter on shared infrastructure? Because “local” covers a lot of ground in 2026: every container on a shared Kubernetes node, every tenant on a shared hosting box, every CI/CD job that runs untrusted pull-request code, every WSL2 instance on a Windows laptop, every containerised AI agent given shell access. They all share one Linux kernel with their neighbors. A kernel LPE collapses that boundary.

    The realistic threat chain looks like this. An attacker exploits a known WordPress plugin vulnerability and gets shell access as www-data. They run the copy.fail PoC. They are now root on the host. Every other tenant is suddenly reachable, in the way I walked through in this hack post-mortem. The vulnerability does not get the attacker onto the box; it changes what happens in the next ten seconds after they land there.

    The vulnerability stems from a “straight-line” logic flaw in the kernel’s crypto API. Many exploits exploiting race conditions and memory corruption flaws don’t consistently succeed across kernel versions or distributions, and sometimes even on the same machine. Because the code released for CopyFail exploits a logic flaw, “reliability isn’t probabilistic, and the same script works across distributions, researchers from Bugcrowd wrote. “No race window, no kernel offset.”

    CopyFail gets its name because the authencesn AEAD template process (used for IPsec extended sequence numbers) doesn’t actually copy data when it should. Instead, it “uses the caller’s destination buffer as a scratch pad, scribbles 4 bytes past the legitimate output region, and never restores them,” Theori said. “The ‘copy’ of the AAD ESN bytes ‘fails’ to stay inside the destination buffer.”

    The Worst Linux Vulnerability in Years

    Other security experts echoed the perspective that CopyFail poses a serious threat, with one saying it’s the “worst make-me-root vulnerabilities in the kernel in recent times.”

    The most recent such Linux vulnerability was Dirty Pipe from 2022 and Dirty Cow in 2016. Both of those vulnerabilities were actively exploited in the wild.

    access Attackers computers Countless Dangerous Exploit Linux root
    Follow on Google News Follow on Flipboard
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
    Previous ArticleA Dark-Money Campaign Is Paying Influencers to Frame Chinese AI as a Threat
    Next Article NBA player prop picks, odds: Three best 2026 NBA Playoffs prop bets for Friday, May 1
    admin
    • Website

    Related Posts

    OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials

    July 15, 2026

    England vs Argentina: Jamie Carragher believes Thomas Tuchel’s side can exploit Lionel Messi in their World Cup semi-final | Football News

    July 14, 2026

    11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot

    July 14, 2026
    Leave A Reply Cancel Reply

    Demo
    Latest Posts

    Almost Half of House Democrats Vote to End Aid to Israel

    UK proposes voluntary overnight social media curfew for older teens | Social Media News

    Hong Kong Police Raid Independent Bookstores and Arrest 5

    Applied Computing wants to give oil and gas operators an AI model for the entire plant

    Latest Posts

    Subscribe to News

    Get the latest sports news from NewsSite about world, sports and politics.

    Advertisement
    Demo

    We are a digital news platform delivering timely, accurate, and insightful coverage of politics, global affairs, business, economy, sports, and more. Our mission is to keep readers informed with reliable news, clear analysis, and stories that truly matter.
    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Type above and press Enter to search. Press Esc to cancel.

    Powered by
    ...
    ►
    Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
    None
    ►
    Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
    None
    ►
    Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
    None
    ►
    Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
    None
    ►
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
    None
    Powered by