BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Copy Fail
- Subject: [Discuss] Copy Fail
- From: dsr at randomstring.org (Dan Ritter)
- Date: Fri, 1 May 2026 17:32:27 -0400
- In-reply-to: <20260501165008.351ce004.Richard.Pieri@gmail.com>
- References: <20260501165008.351ce004.Richard.Pieri@gmail.com>
Rich Pieri wrote: > This one is bad. Really bad. Rilly-Rilly-Super-Duper-Ultra bad. > Patch or mitigate now. > > https://xint.io/blog/copy-fail-linux-distributions I personally would reserve a double-Rilly-Super-Duper level of badness for a remote code execution. This is "just" another local privilege escalation attack. If you're not running one of the wifi stacks that require it, For immediate mitigation, block AF_ALG socket creation via seccomp or blacklist the algif_aead module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf rmmod algif_aead 2>/dev/null Not a terrible mitigation. -dsr-
- Follow-Ups:
- [Discuss] Copy Fail
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Copy Fail
- References:
- [Discuss] Copy Fail
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Copy Fail
- Prev by Date: [Discuss] Copy Fail
- Next by Date: [Discuss] Copy Fail
- Previous by thread: [Discuss] Copy Fail
- Next by thread: [Discuss] Copy Fail
- Index(es):
