home.social

#theori — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #theori, aggregated by home.social.

  1. The Bad Place @[email protected] ·

    Feed: All Latest | Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers by Dan Goodin, Ars Technica

    AI generated summary, Read the full article for complete information.

    A newly disclosed Linux kernel vulnerability, dubbed CopyFail (CVE‑2026‑31431), enables a local privilege‑escalation that lets an unprivileged attacker obtain root on virtually any Linux distribution with a single, unmodified script. Released by security firm Theori after a brief private disclosure, the flaw resides in the kernel’s crypto API where an AEAD template copy operation overwrites adjacent memory, allowing the attacker to elevate privileges, break out of containers, compromise multi‑tenant systems, and hijack CI/CD pipelines. Although patches were quickly issued for several kernel versions (7.0, 6.19.12, 6.18.12, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254), many distributions had not yet applied them, leaving countless desktops, servers, and cloud environments exposed. Experts warn that the exploit’s reliability surpasses earlier high‑profile kernel bugs like Dirty Pipe and Dirty Cow, and they urge all Linux users to verify that their systems incorporate the relevant fixes or follow vendor mitigation guidance.

    Read more: wired.com/story/dangerous-new-

    #Theori #Ubuntu #Amazon #SUSE #Debian #RedHat #Fedora #ArchLinux #Kubernetes #Linux #copyfail #security #security_cyberattacksandhacks #security_securitynews

    #theori #ubuntu #amazon #suse #debian #redhat
  2. The Bad Place @[email protected] ·

    Feed: All Latest | Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers by Dan Goodin, Ars Technica

    AI generated summary, Read the full article for complete information.

    A newly disclosed Linux kernel vulnerability, dubbed CopyFail (CVE‑2026‑31431), enables a local privilege‑escalation that lets an unprivileged attacker obtain root on virtually any Linux distribution with a single, unmodified script. Released by security firm Theori after a brief private disclosure, the flaw resides in the kernel’s crypto API where an AEAD template copy operation overwrites adjacent memory, allowing the attacker to elevate privileges, break out of containers, compromise multi‑tenant systems, and hijack CI/CD pipelines. Although patches were quickly issued for several kernel versions (7.0, 6.19.12, 6.18.12, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254), many distributions had not yet applied them, leaving countless desktops, servers, and cloud environments exposed. Experts warn that the exploit’s reliability surpasses earlier high‑profile kernel bugs like Dirty Pipe and Dirty Cow, and they urge all Linux users to verify that their systems incorporate the relevant fixes or follow vendor mitigation guidance.

    Read more: wired.com/story/dangerous-new-

    #Theori #Ubuntu #Amazon #SUSE #Debian #RedHat #Fedora #ArchLinux #Kubernetes #Linux #copyfail #security #security_cyberattacksandhacks #security_securitynews

    #theori #ubuntu #amazon #suse #debian #redhat
  3. PrivacyDigest @[email protected] ·

    The most severe #Linux threat to surface in years catches the world flat-footed

    Publicly released #exploit code for an effectively unpatched #vulnerability that gives #root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers & on personal devs

    …code that #exploits it were released from #security firm #Theori , 5 weeks after privately disclosing it to Linux #kernel security team

    arstechnica.com/security/2026/

    #kernel #theori #security #exploits #root #vulnerability
  4. PrivacyDigest @[email protected] ·

    The most severe #Linux threat to surface in years catches the world flat-footed

    Publicly released #exploit code for an effectively unpatched #vulnerability that gives #root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers & on personal devs

    …code that #exploits it were released from #security firm #Theori , 5 weeks after privately disclosing it to Linux #kernel security team

    arstechnica.com/security/2026/

    #kernel #theori #security #exploits #root #vulnerability
  5. PrivacyDigest @[email protected] ·

    The most severe #Linux threat to surface in years catches the world flat-footed

    Publicly released #exploit code for an effectively unpatched #vulnerability that gives #root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers & on personal devs

    …code that #exploits it were released from #security firm #Theori , 5 weeks after privately disclosing it to Linux #kernel security team

    arstechnica.com/security/2026/

    #kernel #theori #security #exploits #root #vulnerability
  6. PrivacyDigest @PrivacyDigest ·

    The most severe threat to surface in years catches the world flat-footed

    Publicly released code for an effectively unpatched that gives access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers & on personal devs

    …code that it were released from firm , 5 weeks after privately disclosing it to Linux security team

    arstechnica.com/security/2026/

    #kernel #theori #security #exploits #root #vulnerability
  7. PrivacyDigest @[email protected] ·

    The most severe #Linux threat to surface in years catches the world flat-footed

    Publicly released #exploit code for an effectively unpatched #vulnerability that gives #root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe compromises inside data centers & on personal devs

    …code that #exploits it were released from #security firm #Theori , 5 weeks after privately disclosing it to Linux #kernel security team

    arstechnica.com/security/2026/

    #kernel #theori #security #exploits #root #vulnerability
  8. Tim Allison @[email protected] ·

    Fun writeup by #Theori exploring traces in their cyber reasoning system for #aixcc

    theori.io/blog/exploring-trace

    #theori #aixcc
  9. Tim Allison @[email protected] ·

    Fun writeup by #Theori exploring traces in their cyber reasoning system for #aixcc

    theori.io/blog/exploring-trace

    #theori #aixcc
  10. Tim Allison @[email protected] ·

    Fun writeup by #Theori exploring traces in their cyber reasoning system for #aixcc

    theori.io/blog/exploring-trace

    #theori #aixcc
  11. Tim Allison @[email protected] ·

    Fun writeup by #Theori exploring traces in their cyber reasoning system for #aixcc

    theori.io/blog/exploring-trace

    #aixcc #theori
  12. Tim Allison @[email protected] ·

    Fun writeup by #Theori exploring traces in their cyber reasoning system for #aixcc

    theori.io/blog/exploring-trace

    #theori #aixcc
  13. Pyrzout :vm: @[email protected] ·

    Theori unveils Xint to automate security operations in cloud and hybrid environments helpnetsecurity.com/2024/05/08 #Industrynews #Theori

    #industrynews #theori
  14. Pyrzout :vm: @[email protected] ·

    Theori unveils Xint to automate security operations in cloud and hybrid environments helpnetsecurity.com/2024/05/08 #Industrynews #Theori

    #industrynews #theori
  15. Pyrzout :vm: @[email protected] ·

    Theori unveils Xint to automate security operations in cloud and hybrid environments helpnetsecurity.com/2024/05/08 #Industrynews #Theori

    #theori #industrynews
  16. Pyrzout :vm: @[email protected] ·

    Theori unveils Xint to automate security operations in cloud and hybrid environments helpnetsecurity.com/2024/05/08 #Industrynews #Theori

    #industrynews #theori