Copy Fail, And Why It Matters
Linux is generally considered a strong, stable and rarely vulnerable operating system. Because of the way its code is written and maintained, few malware families target it. Vulnerabilities that run rampant on Windows systems usually do not apply to Linux, just as they don't to macOS. But that does not mean it is perfect.
A security flaw tracked as CVE-2026-3143, dubbed Copy Fail, has been found not only to exist but to be present in every Linux distribution since 2017. It is a logic bug in the kernel, the ‘brain’ of any system: the core of the operating system that decides how, where and in what order commands are executed. Copy Fail allows authenticated attackers with code execution privileges to modify the page-cache contents of readable setuid-root binaries and so elevate their privileges to root.
In plain English, this means that file contents cached by the kernel itself can be overwritten in memory, potentially changing the downstream behaviour of a device, or leaving it open to further remote code execution, typically the objective of Trojan malware incursions. The modifications are made in memory, not on disk, so the application files they belong to are not themselves altered, yet the changes remain active with root authority. According to Microsoft, this could lead to full root privilege escalation (high impact to confidentiality, integrity and availability) and could facilitate container breakout, multi-tenant compromise and lateral movement within shared environments.
The flaw itself lies in an optimization change that placed page-cache pages in a writable scatterlist. The authencesn code uses the caller’s destination scatterlist as scratch space during byte rearrangement, and it is there that the overwrite can occur. This is not dangerous in and of itself, but the environments where it is used often rely on executing untrusted code because they are shared (as in Kubernetes containers or clouds). So far, most exploitation scenarios remain at proof-of-concept status, although SecurityWeek’s most recent article on Copy Fail notes that some in-the-wild instances have been observed.
To the average person, Linux does not seem to hold much market share: ask someone on the street whether they use it and they will probably say no. But behind the scenes it is widely adopted. Android, for instance, runs on Linux. It is the backbone of the world’s top 500 supercomputers, Microsoft’s cloud services, the ISS, social media platforms such as Facebook and X, and the Pentagon and the NY Stock Exchange. A flaw this widespread could spell disaster if any of those proof-of-concept scenarios becomes real.
CISA has added Copy Fail to its Known Exploited Vulnerabilities catalog and urges that the flaw be patched within two weeks, of which one is left at the time I’m writing this. Microsoft encourages organizations to prioritize identifying potentially vulnerable machines in their environments, apply patches, isolate affected systems, apply access controls and review logs for signs of exploitation. And I’ll be keeping my eye on it too.
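The first of those steps, identifying machines that matter, starts with knowing which binaries fit the article’s description of the target: setuid-root executables that an unprivileged user can read. The script below is an added example written for this post, not code from the article, CISA or Microsoft. It inventories such files under a directory, lists setuid files that are not world-readable separately for comparison, and prints the running kernel version so the result can be checked against the patched version for your distribution (a value this post does not give). Because the article says the tampering happens in memory rather than on disk, this is a candidate list for prioritizing patching, not a detector of tampering. The `OWNER_UID` argument defaults to 0 (root) and exists so the functions can be exercised on files you own.

```shell
#!/bin/sh
# Added example (not from the article): inventory setuid binaries that an
# unprivileged user can both read and execute, i.e. the "readable setuid-root
# binaries" the article names as the target. This lists candidates only; the
# article says the modification is in-memory, so on-disk checks cannot show it.

# Usage: find_readable_setuid DIR [OWNER_UID]
# Prints, one per line, regular files under DIR owned by OWNER_UID
# (default 0 = root) with BOTH the setuid bit (4000) and the other-read
# bit (0004) set; "-perm -4004" requires both bits to be present.
find_readable_setuid() {
    dir=$1
    uid=${2:-0}
    find "$dir" -xdev -type f -uid "$uid" -perm -4004 2>/dev/null | sort
}

# Usage: find_setuid_not_readable DIR [OWNER_UID]
# Setuid files owned by OWNER_UID that are NOT world-readable (mode 4711 and
# the like). Listed separately because the article's description requires the
# binary to be readable, so these deserve a different priority.
find_setuid_not_readable() {
    dir=$1
    uid=${2:-0}
    find "$dir" -xdev -type f -uid "$uid" -perm -4000 ! -perm -0004 2>/dev/null | sort
}

# Usage: count_readable_setuid DIR [OWNER_UID]
# Number of readable setuid files, handy for a fleet-wide summary line.
count_readable_setuid() {
    find_readable_setuid "$1" "${2:-0}" | wc -l | tr -d ' '
}

# Usage: report DIR [OWNER_UID]
# Human-readable summary: kernel version (compare with your distribution's
# fixed version) plus both inventories.
report() {
    echo "host:   $(uname -n)"
    echo "kernel: $(uname -r)"
    echo "readable setuid files owned by uid ${2:-0} under $1 ($(count_readable_setuid "$1" "${2:-0}")):"
    find_readable_setuid "$1" "${2:-0}"
    echo "setuid but not world-readable:"
    find_setuid_not_readable "$1" "${2:-0}"
}

# When run directly with a directory argument, e.g. "sh setuid_inventory.sh /usr",
# print the report; with no arguments the functions are only defined.
if [ "$#" -gt 0 ]; then
    report "$1" "${2:-0}"
fi
```

Run it as `sh setuid_inventory.sh /usr` (or `/` for a whole host) on each machine and collect the output centrally; the hosts whose kernel is below your distribution’s fixed version and whose readable-setuid list is non-empty are the ones to patch and isolate first, and also the ones whose logs are worth reviewing for the signs of exploitation Microsoft mentions.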