copy.fail
- Anmelden oder Registrieren um Kommentare zu schreiben
Hello,
As far as I can tell, the copy.fail (https://copy.fail/) vulnerability (CVE-2026-31431) is still not patched. I am running fully updated Trisquel 12 and the local exploit works.
I fully appreciate that this is not a critical issue for single-user laptop systems but it still can, at least in theory, lead to a remote root exploit if chained with another non-root remote execution vulnerability.
Am I missing something?
Thanks in advance,
Alexander
Known mitigation for Ubuntu:
https://github.com/theori-io/copy-fail-CVE-2026-31431/issues/35#issuecomment-4353529712
General situation of the kernel patch:
https://github.com/theori-io/copy-fail-CVE-2026-31431/issues/35#issuecomment-4353811173
Everything is fine with the GNU Linux-libre 7.0.2. [1]
From CVE-2026-31431 [2][3]:
unaffected from 5.10.254
unaffected from 5.15.204
unaffected from 6.1.170
unaffected from 6.6.137
unaffected from 6.12.85
unaffected from 6.18.22
unaffected from 6.19.12
unaffected from 7.0
[1] https://www.fsfla.org/ikiwiki/selibre/linux-libre/freesh.en.html
[2] https://app.opencve.io/cve/CVE-2026-31431
[3] https://cveawg.mitre.org/api/cve/CVE-2026-31431
