Major Linux Security Vuln "CopyFail"

pturmel · April 30, 2026, 10:34pm

Announced last night...

TL/DR:

Almost all versions of Linux affected, including WSL/WSL2.
Security researcher announced suddenly, with major distros not yet patched.
Privilege escalation allows any user running code on a target can escalate to root
Include escalation from container scope to host scope
Does not appear to affect other Virtual Machines.

pturmel · April 30, 2026, 11:54pm

Quick mitigation on unpatched systems:

should disable the algif_aead module

via standard kernal module blacklisting.

...presuming you are not using that specific crypto algorithm, of course.