Linux Copy Fail: ‘A Trivially Exploitable Bug’
.jpg?prefix=media%2Farticle-covers)
Cointelegraph
The US CISA has added the “Copy Fail” Linux vulnerability to its KEV catalog, warning of its potential for trivial root access exploitation.Summary
The US Cybersecurity and Infrastructure Agency (CISA) has added a critical Linux vulnerability, dubbed “Copy Fail,” to its Known Exploited Vulnerabilities catalog. Discovered by security researchers and reported by Theori CEO Brian Pak, the flaw affects major Linux distributions released since 2017. The vulnerability allows attackers to gain root access through a simple Python script, provided they already have initial code execution on the system. Although patches were released in April, the flaw's presence in widely used systems—including those powering blockchain nodes and crypto exchanges—poses significant security risks.
(Source:Cointelegraph)