[PLUG] Two new Linux vulnerabilities - just like Copy Fail
Ted Mittelstaedt
tedm at portlandia-it.com
Sun May 10 00:01:58 UTC 2026
<https://github.com/0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo>
0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo: Copy Fail 2: Electric
Boogaloo
<https://github.com/V4bel/dirtyfrag> V4bel/dirtyfrag
<https://nvd.nist.gov/vuln/detail/CVE-2026-43284> NVD - CVE-2026-43284
<https://nvd.nist.gov/vuln/detail/CVE-2026-43500> NVD - CVE-2026-43500
No fix exists for the second one yet so while the vulnerability has been
reserved, it's not written yet
The first one is a bona-fied zero day - the kernel fix was just committed a
couple days ago to the main kernel then notification went out. None of the
distros have released fixed kernels, yet.
So if you have that old Linux system sitting around from a few years back
that you forgot the root password for - these may help! :)
Ted
PS Ya know, I did post here that the Copy Fail vulnerability was going to
be followed up shortly.I did I did.
More information about the PLUG
mailing list