u/wBuddha

Many of you have probably read about CopyFail (CVE-2026-31431), a 0-day exploit that allows pretty much anyone to get root on a Linux system (including SELinux).

Patches now exist for most major distros, but there is a problem: there appears to be a concerted effort to prevent those updates from getting out - many of the repos responsible for holding the updates are being actively DDoS'd; in particular, all of Canonical (Ubuntu, et al) has been unavailable.

AI-discovered, it has been in the wild since 2017; it went public April 29th. For technical details, see the Xint page.

This is a scary one: first, there is no way to tell if the exploit has been used, and it could easily be used for a split second to insert malware that would allow access to the host after patching. Shared hosting, dedis, containers, and VPS are all vulnerable. Your homelab is likely safe behind a NAT, but most everyone else needs to update ASAP.

--

https://fossforce.com/2026/05/is-it-panic-time-linuxs-big-bad-copy-fail-security-exploit/

Mitigation without a patch: https://github.com/rootsecdev/cve_2026_31431#mitigation

u/wBuddha — 13 days ago