oss-sec mailing list archives
Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation)
From: Greg KH <greg () kroah com>
Date: Mon, 4 May 2026 19:38:22 +0200
On Mon, May 04, 2026 at 05:44:52PM +0100, Emily Shepherd wrote:
Why this specific one is somehow more "special" than others was not obvious except after the fact because the submitter decided to provide their exploit code to the world to show off their toolWas the PoC of the exploit / some description of its severity not made available by the reporter to the security team / maintainer when they reported it?
I honestly do not remember, that was months and hundreds, if not thousands, of reports ago. The job of the kernel security team is to triage a bug report, drag in the relevant maintainer/developer, get the issue fixed and merged into Linus's tree as soon as possible. Once it lands in Linus's tree, our role is over. We do not do "announcements" of anything to anyone, so even if this was a "look how bad you can abuse the system" type of thing, we would not be telling anyone anything. This is not a new process, we've worked this way for a very very long time (almost since our start in 2005, with some exceptions when we attempted to interact with the distros list for a while, but that was many many years ago.) I've also documented this in detail in many talks and even recently in a set of blog posts about how the kernel security team works. That should be easy to find online if people want more detail. thanks, greg k-h
Current thread:
- Re: CVE-2026-31431: CopyFail: linux local privilege scalation, (continued)
- Re: CVE-2026-31431: CopyFail: linux local privilege scalation Solar Designer (Apr 29)
- Re: CVE-2026-31431: CopyFail: linux local privilege scalation Roman Medina-Heigl Hernandez (Apr 30)
- CVE-2026-31431 Copy Fail Linux LPE - new public exploit Andrei Berestov (May 18)
- Re: CVE-2026-31431: CopyFail: linux local privilege scalation Aaron Rainbolt (Apr 29)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Sam James (May 03)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Sam James (May 03)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Greg Kroah-Hartman (May 04)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Emily Shepherd (May 04)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Greg KH (May 04)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Emily Shepherd (May 04)
- Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Greg KH (May 06)
