Yeah I tested CopyFail. It's real. Yikes.
https://discourse.ifin.network/t/copy-fail-732-bytes-to-root-on-every-major-linux-distributions/342
Post
Replies:
14
@mttaggart I'm confused by the mitigation step. "disable the algif_aead module" but does this actually prevent the vulnerability? What about systems that don't have that module loaded or compiled in?
@weyoun6 Then you're solid.
This post has the best details about mitigations I've seen:
@mttaggart The exploit does not work on my Slackware 15.0 systems with a 5.15.93 kernel.
@mttaggart typical bros wanting to get noticed - it's irresponsible to disclose like this.
@mttaggart I love the beauty and simplicity of this exploit
![Robert [KJ5ELX] :donor:](https://media.infosec.exchange/infosec.exchange/accounts/avatars/115/833/042/784/456/710/original/6c4929fda05c7451.gif "Robert [KJ5ELX] :donor:")
@mttaggart It also works on WSL.
@mttaggart Debian 13 still vulnerable with 6.12.74
@AgentK @mttaggart Expect the debian security team to release .84 or .85 tomorrow.
@AgentK @mttaggart "Unpacking linux-image-amd64 (6.12.85-1) over (6.12.74-2) ..."
@mttaggart Can't privesc me if I always run as root!
