this post was submitted on 30 Apr 2026
112 points (96.7% liked)

Linux

13504 readers
310 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
112
The same 732-byte Python script roots every Linux distribution shipped since 2017 (copy.fail)
submitted 3 days ago* (last edited 3 days ago) by not_IO@lemmy.blahaj.zone to c/linux@programming.dev
29 comments fedilink hide all child comments
 

woaw

also a good blog post about it https://xint.io/blog/copy-fail-linux-distributions

you are viewing a single comment's thread
view the rest of the comments
[–] superglue@lemmy.dbzer0.com 2 points 3 days ago (2 children)

What I read said the patch was merged into main on April 1st, so they should have.

[–] lengau@midwest.social 3 points 2 days ago

This thread gives a good rundown of what happened: https://infosec.exchange/@wdormann/116489443704631952

[–] stuner@lemmy.world 2 points 2 days ago (1 children)

It looks like the fixes were merged in 6.18, 6.19, and 7.0. But all older (but supported) LTS kernels didn't have the fix, like 6.12, which is used in Debian 13. And it also seems that Ubuntu, RHEL, and SUSE had not picked up the patches in their kernel versions.

[–] Successful_Try543@feddit.org 1 points 2 days ago* (last edited 2 days ago)

The kernel 6.12.73-1 used by Debian Trixie is still vulnerable. Applying security updates should update the kernel to 6.12.85-1 and fix the issue.

https://security-tracker.debian.org/tracker/CVE-2026-31431