Home » Forum » Trisquel users
Inviato da Alexander_R il Gio, 04/30/2026 - 13:16

copy.fail

2 risposte [Ultimo contenuto]
Gio, 04/30/2026 - 13:16
Alexander_R
Alexander_R
Offline
Iscritto: 04/30/2026

Hello,

As far as I can tell, the copy.fail (https://copy.fail/) vulnerability (CVE-2026-31431) is still not patched. I am running fully updated Trisquel 12 and the local exploit works.

I fully appreciate that this is not a critical issue for single-user laptop systems but it still can, at least in theory, lead to a remote root exploit if chained with another non-root remote execution vulnerability.

Am I missing something?

Thanks in advance,

Alexander

In cima
  • Login o registrati per inviare commenti
  • +1
    0
    -1
    Please use the rating system to mark posts that go against the Community Guidelines
Gio, 04/30/2026 - 21:02
#1
tonino
tonino
Offline
Iscritto: 03/13/2026

Known mitigation for Ubuntu:
https://github.com/theori-io/copy-fail-CVE-2026-31431/issues/35#issuecomment-4353529712

General situation of the kernel patch:
https://github.com/theori-io/copy-fail-CVE-2026-31431/issues/35#issuecomment-4353811173

In cima
  • Login o registrati per inviare commenti
  • +1
    0
    -1
    Please use the rating system to mark posts that go against the Community Guidelines
Ven, 05/01/2026 - 04:32
#2
icarolongo
icarolongo
Offline
Iscritto: 03/26/2011

Everything is fine with the GNU Linux-libre 7.0.2. [1]

From CVE-2026-31431 [2][3]:

unaffected from 5.10.254
unaffected from 5.15.204
unaffected from 6.1.170
unaffected from 6.6.137
unaffected from 6.12.85
unaffected from 6.18.22
unaffected from 6.19.12
unaffected from 7.0

[1] https://www.fsfla.org/ikiwiki/selibre/linux-libre/freesh.en.html
[2] https://app.opencve.io/cve/CVE-2026-31431
[3] https://cveawg.mitre.org/api/cve/CVE-2026-31431

CVE-2026-31431-unaffected-trisquel-gnu-linux-libre-7.0.2.jpg
In cima
  • Login o registrati per inviare commenti
  • +1
    +1
    -1
    Please use the rating system to mark posts that go against the Community Guidelines