Son Dakika
KRAI 에이전틱 커머스 시장 등 선점을 위한 제도개선 방안 신속 마련INTLPochettino Celebrates Balogun Ban Overturn, Criticizes Red Card DecisionVNMỹ chấm dứt tìm kiếm quân nhân mất tích sau vụ trực thăng hạ cánh khẩnVNHaaland được chấm điểm 10 sau khi loại BrazilRUЭкс-советник Кучмы: Зеленский зря просил ракеты у ОБСЕITMessico-Inghilterra: Fan Fest Zócalo e Ángel de la Independencia al completoVNMexico vs. Anh: Khó khăn vì độ cao, tin đồn Viagra và lịch sử World CupKR레이밴 메타·오클리 메타 업데이트…판매 채널도 확대GLOBALLyra McKee's Partner Hopes Killer's Conscience Haunts ThemCN澳洲前內政部常務次長:太平洋3年內恐爆戰爭 台灣將是「我們的波蘭」KRAI 에이전틱 커머스 시장 등 선점을 위한 제도개선 방안 신속 마련INTLPochettino Celebrates Balogun Ban Overturn, Criticizes Red Card DecisionVNMỹ chấm dứt tìm kiếm quân nhân mất tích sau vụ trực thăng hạ cánh khẩnVNHaaland được chấm điểm 10 sau khi loại BrazilRUЭкс-советник Кучмы: Зеленский зря просил ракеты у ОБСЕITMessico-Inghilterra: Fan Fest Zócalo e Ángel de la Independencia al completoVNMexico vs. Anh: Khó khăn vì độ cao, tin đồn Viagra và lịch sử World CupKR레이밴 메타·오클리 메타 업데이트…판매 채널도 확대GLOBALLyra McKee's Partner Hopes Killer's Conscience Haunts ThemCN澳洲前內政部常務次長:太平洋3年內恐爆戰爭 台灣將是「我們的波蘭」
Newsgather
GeriCritical 'Copy Fail' Linux Vulnerability Threatens Major Distributions
Critical 'Copy Fail' Linux Vulnerability Threatens Major Distributions
Gelişiyor
Cointelegraph02.05.2026Teknoloji1 dk okuma

Critical 'Copy Fail' Linux Vulnerability Threatens Major Distributions

CISA adds the flaw to its Known Exploited Vulnerabilities catalog as researchers warn of easy root access

Hızlı Bakış

  • A newly discovered Linux vulnerability dubbed 'Copy Fail' allows attackers to gain root access via a simple Python script.
  • CISA has added the flaw to its Known Exploited Vulnerabilities catalog, citing significant risks to federal systems.

Yapay zekâ özeti

Neden Önemli?

The 'Copy Fail' vulnerability is a logic bug affecting Linux distributions released since 2017, allowing for privilege escalation to root access.

Yazı boyutu

A newly discovered vulnerability could affect most open-source major Linux distributions released since 2017, according to security researchers.

The flaw, titled “Copy Fail,” caught the attention of the US Cybersecurity and Infrastructure Agency (CISA), who added it to the Known Exploited Vulnerabilities (KEV) catalog on Saturday, warning it poses “significant risks to the federal enterprise.”

The vulnerability can allow attackers to gain root access across a wide range of Linux systems using a 732-byte Python script, though it requires prior code execution on the system to escalate privileges.

Researcher Miguel Angel Duran said that it only requires “10 lines of Python” to access root permissions on any affected system. “This Linux vulnerability is insane,” Duran said.

Linux is a widely used operating system by cryptocurrency exchanges, blockchain nodes and custodial services, due to its security and efficiency, meaning the vulnerability could potentially pose risks to the sector if attackers gain initial access.

Xint Code said in an X post on Saturday that the flaw “is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years.” “A small, portable python script gets root on all platforms,” Xint Code said.

Cybersecurity firm Theori CEO Brian Pak said in an X post on Saturday that he reported the vulnerability “privately” to the Linux kernel security team on March 23. “We worked with them on patches, which landed in mainline on April 1. CVE assigned April 22. We disclosed publicly on April 29 with a full write-up and PoC,” Pak said.

Bundan Sonra Ne Olabilir?

Yapay zekâ öngörüsü — kesinlik taşımaz

  • Increased reports of attempted exploits targeting unpatched Linux servers.

    Muhtemel · Haftalar içinde

Açık Sorular

  • What is the specific CVE identifier for this vulnerability?
  • How many systems have been successfully compromised using this exploit so far?

İlgili Konular

Bu haber ilk olarak şurada yayınlandı: Cointelegraph.

İlgili Haberler

Bu konuda daha fazlalinux