โ๏ธ Linux is having a brutal week. Another local to root privilege escalation vulnerability just dropped: "Copy Fail 2: Electric Boogaloo."
This is the third Linux LPE in a row, after Copy Fail and Dirty Frag. The PoC is public on GitHub. There is still no coordinated patch.
https://t.co/6XifksYgZ6
It depends on the kinda push-ups, even. A regular push-up, I've comfortably hit 40 push-ups. A few days, a week maybe, of training could get me to 100 push-ups.
But then, there are far greater push-ups that don't even meet the eyes๐คฃ๐คฃ๐คฃ.
@persomeofficial It depends on the kinda push-ups, even. A regular push-up, I've comfortably hit 40 push-ups. A few days, a week maybe, of training could get me to 100 push-ups.
But then, there are far greater push-ups that don't even meet the eyes๐คฃ๐คฃ๐คฃ.
โ ๏ธCISA Warns of Linux "Copy Fail" 0-Day Vulnerability Exploited to Root Systems
Source: https://t.co/U8x9UG88gJ
CISA has added a critical Linux kernel zero-day vulnerability to its KEV catalog, warning federal agencies and organizations worldwide to patch immediately or discontinue use of affected systems.
The vulnerability resides in the algif_aead module of the Linux kernelโs AF_ALG cryptographic subsystem specifically, a logic bug in the authentication cryptographic template that causes improper memory handling during in-place operations.
What makes this flaw particularly alarming is its exploitability: a 732-byte Python script is all an unprivileged local user needs to reliably escalate privileges to root.
#cybersecuritynews