The Fatal 4-Byte Error That Just Broke Linux | Threat Wire

Added: 2026-05-12

[00:00:00]Every Linux kernel built between 2017 to about last week are affected by this new finding. If you're a Linux user and you haven't heard of copy fail, you need to pay attention to this episode. I'm Ally Diamond. This story and more on your weekly cyber security news roundup. This is threat.

[00:00:22]The vulnerability named copy fail recorded under CVE 2026 31431 was discovered by the team at Xent code.

[00:00:30]It was awarded a CVSS score of 7.8. It is a 732 byte Python script that it can achieve root on Linux distributions. The original impetus for the findings was from researcher Tayyang Lee at theory.

[00:00:44]It was originally disclosed to the Linux kernel security team in le March 2026 and patches were committed to Maine on April Fool's 2026. Let's dive in to how it works a little bit more. Copy fail requires only an unprivileged local user account. No network access, no kernel debugging features, no pre-installation primitives. The kernel crypto API ships enabled in essentially every mainstream DRO's default config. So the entire 2017 to patch window is in play out of the box. The researchers at XINT discovered there was an issue with the fact that corrupted pages in the page cache are never marked for writeback. These dirty pages are what are actually read when accessing a file. So the version used systemwide will be the corrupted version. This can also be used to execute a container escape in certain use cases. The vulnerability stems from a logic flaw in the Linux kernel's AE Aad crypto implementation where improper handling of scatter gather lists allow a write beyond intended bounds. By chaining this flaw with AF ALG sockets and splice, an attacker can overwrite four bytes in the page cache of any readable file, including set UID binaries. Bad actors are able to take advantage of a logic bug in the O enclo to execute the four byte rewrite. This rewrite can be used to achieve root by writing to the page of the set UID binary or escape containers due to page cache sharing across the host. If you're interested in learning more, my good friend Ed over at Low Level TV has a fabulous video explaining how this works from first dish principles to pretty deep understanding. I really recommend watching his video. It's fabulous. In their writeup, the Excent team also included a list of what to patch first based on severity of effectiveness with the highest priority being multi-tenant Linux hosts and the lowest being single user laptops and workstations. Linux admins are having a hard time right now with this because there's so much to upgrade. So, be nice. Speaking of having a hard time, we need to talk about GitHub. Yes, the constant outages are on the tips of every developer's tongue, but it's a pretty good reason to take a break at work. But we're really here to talk about another issue with GitHub that finally went public. The team at Whiz Research discovered a vulnerability in GitHub via their Git infrastructure that resulted in an injection flaw allowing rce on GitHub. The finding was awarded CVE 2026 2854 and given a CVSS score of 8.8. In case you were wondering, yes, this was found using AI.

[00:03:28]In their blog post announcing their findings, Whiz says the following.

[00:03:31]Notably, this is one of the first critical vulnerabilities discovered in closed source binaries using AI, highlighting a shift in how these flaws are identified. Despite the complexity of the underlying system, the vulnerability is remarkably easy to exploit. The attack uses option fields for the git push function to inject a well-crafted call containing an unsanitized character. That unsanitized character would then be used to affect the inputs of downstream services and cause exploitation. This can then be used to overwrite security flags and due to lack of sanitization can lead to rce.

[00:04:06]To understand what was happening, we injected user operator mode equals bull true to enable debug output on both platforms. Comparing the output side by side, we noticed that github.com was missing certain hook execution steps that appeared on ghes.

[00:04:23]The custom hooks code path was simply not being reached. We went back to the binary and dug deeper. Through further reverse engineering, we identified a boolean flag in the XSAT header that controls whether the server operates in enterprise mode. On GHES, this flag defaults to true. So, the custom hooks path is always active. On github.com, it defaults to false, meaning custom hooks are never reached under normal conditions. The original finding was reported to GitHub on March 4th, 2026, and GitHub deployed a fix that day.

[00:04:57]Luckily, they found no one had been taken advantage of with this Git vulnerability. But there were other issues happening on GitHub this week.

[00:05:06]Sadly, we still have Team PCP on a rampage. This time, they were able to infiltrate the PyTorch Lightning package on Pippi. This package provides tools for training AI models. The attack led to the uploading of credential stealing software and integrating it into malicious versions of the lightning package. This was originally discovered by the team over at Socket. To be honest, this doesn't really feel like fresh news. For the past few months, we've seen team PCP and tools like the shy halludeworm wreak havoc and put software supply chains on the forefront of security personnel's minds. One thing I didn't mention in last week's story about the Bit Warden CLI vulnerability was that it appears to have been caused by getting hit by that same shy hallude vulnerability. Instead, we're here to talk about the meta of the story because I think it's funny. The account that owns the Lightning project on GitHub was infiltrated and taken over by attackers.

[00:05:59]In finding the malicious acting packages available in recently updated Lightning versions, the team at Soocket went onto GitHub and the GitHub repo and opened an issue to let the developers know of the infiltration. But since the lead account had been compromised, the bad actors kept closing the issue. It became a duke it out opening and closing of the issue until the bad actors posted this amazing meme to tell the socket team to essentially shut up. The developers did eventually get control back of the GitHub repo and push updates to fix the malicious inclusions, but I love a good crab meme. Also, normally I wouldn't call these things out, but I wanted to give a huge congrats to my friend Tuckner, who had his company Secure Annex, recently acquired by Socket last week. I've known Tucker for a few years now, and as we know, I am a huge fan of software supply chain work. So, to hear his extension vulnerability finding software was picked up by Frost and the socket team, I was over the moon. Tucker also never took any VC funding and did it all by himself. Congrats, Tuckner.

[00:07:01]Besides news, Google has adjusted their expected bug bounty program payouts as a result of AI and accelerated vulnerability finding. They prioritize vulnerabilities difficult for AI programs to find, complete proof of concept submissions, and high user impact findings. Findings for things like Chrome have dropped in value.

[00:07:20]GitHub is aware they're having a lot of uptime issues and is really sorry about it. Yesterday, I couldn't get work done because I was trying to merge a bunch of changes and needed to pass a bunch of CI tests, but couldn't because GitHub kept breaking. ClickUp had a data leak that was exposing enterprise emails for over a year. An API key was embedded in their public website. In terminal drama, Ghost Dy Terminal announced they would be moving off GitHub while warp terminal announced they would be going open source. Fantasy lovers and tabletop gamers rejoice. GPT 5.1 for some reason kept talking about goblins. They literally measured a 175% increase in the use of the term goblin in 5.1. They say they resolved the issue in 5.4. But if you want to go full goblin mode, they released the launch command to run codeex without the goblin filter. Thank you so much for watching Threatwire for the week of May 4th, 2026. If you enjoyed the show, please be sure to like, comment, subscribe. We are at 999,500 subscribers right now. So again, comment, like, subscribe. If you like our reals, be sure to go check them out.

[00:08:27]I'm going to try and make more effort to post the reals. In other news, um I have been seeing a lot of your comments about my weight and the fact that I look kind of sick. I mean, right now I'm just getting used to lighting a green screen, so please be kind to me about that. But I did publish a whole situation about that on my Instagram if you want to go see what's going on with me. So, please be sure to go check that out. Um, comments are comments anyways and I don't really care. But thank you so much for watching. If you want to find me online, you can find me everywhere at ending with Ally. And remember, good luck, have fun, and don't get caught.