2026年5月4日星期一

Linux Kernel權限提升漏洞

Linux Kernel權限提升漏洞

發佈日期: 2026年05月04日

風險: 中度風險

類型: 操作系統 - LINUX

於 Linux Kernel 發現一個漏洞。本地攻擊者可利用這個漏洞，於目標系統觸發權限提升。

注意:

CVE-2026-31431 正在被廣泛利用。Copy Fail（CVE-2026-31431）是 Linux 核心中 authencesn 密碼學範本的一項邏輯漏洞。此漏洞可能使未具特權的本機使用者，對系統上任何可讀取檔案的頁面快取執行可控的四位元組寫入。對於自 2017 年起發佈的受影響 Linux 發行版而言，此問題可能導致本機權限提升，包括取得 root 權限。

影響

權限提升

受影響之系統或技術

Ubuntu: https://ubuntu.com/security/CVE-2026-31431
Debian: https://security-tracker.debian.org/tracker/CVE-2026-31431
Red Hat: https://access.redhat.com/security/cve/cve-2026-31431
SUSE: https://www.suse.com/security/cve/CVE-2026-31431.html
Amazon:https://explore.alas.aws.amazon.com/CVE-2026-31431.html
Arch：https://security.archlinux.org/CVE-2026-31431
AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
Cloudlinux: https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝軟件供應商提供的修補程式：

Ubuntu: https://ubuntu.com/security/CVE-2026-31431
Debian: https://security-tracker.debian.org/tracker/CVE-2026-31431
Red Hat: https://access.redhat.com/security/cve/cve-2026-31431
SUSE: https://www.suse.com/security/cve/CVE-2026-31431.html
Amazon:https://explore.alas.aws.amazon.com/CVE-2026-31431.html
Arch：https://security.archlinux.org/CVE-2026-31431
AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
Cloudlinux: https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431

漏洞識別碼

CVE-2026-31431

資料來源

Ubuntu: https://ubuntu.com/security/CVE-2026-31431
Debian: https://security-tracker.debian.org/tracker/CVE-2026-31431
Red Hat: https://access.redhat.com/security/cve/cve-2026-31431
SUSE: https://www.suse.com/security/cve/CVE-2026-31431.html
Amazon:https://explore.alas.aws.amazon.com/CVE-2026-31431.html
Arch：https://security.archlinux.org/CVE-2026-31431
AlmaLinux: https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
Cloudlinux: https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431

相關連結

https://ubuntu.com/security/CVE-2026-31431
https://security-tracker.debian.org/tracker/CVE-2026-31431
https://access.redhat.com/security/cve/cve-2026-31431
https://www.suse.com/security/cve/CVE-2026-31431.html
https://explore.alas.aws.amazon.com/CVE-2026-31431.html
https://security.archlinux.org/CVE-2026-31431
https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/
https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches
https://bugs.gentoo.org/show_bug.cgi?id=CVE-2026-31431
https://copy.fail/
https://xint.io/blog/copy-fail-linux-distributions
https://www.cisa.gov/news-events/alerts/2026/05/01/cisa-adds-one-known-exploited-vulnerability-catalog

於 5月 04, 2026

以電郵發送這個 BlogThis！分享至 X 分享至 Facebook 分享至 Pinterest

沒有留言:

發佈留言

較舊的文章首頁

訂閱：發佈留言 (Atom)

Linux Kernel權限提升漏洞

Linux Kernel權限提升漏洞發佈日期: 2026年05月04日風險: 中度風險類型: 操作系統 - LINUX 於 Linux K...

Debian Linux Kernel Multiple Vulnerabilities

Debian Linux Kernel Multiple Vulnerabilities Release Date: 14 Apr 2025 RI...
(沒有標題)

SUSE Linux Kernel Multiple Vulnerabilities Release Date: 14 Jun 2024 RISK...

搜尋此網誌

首頁

關於我

mickmick.net: With experience, Apple & Microsoft certifications and a love for all things geek we are Hong Kong’s solution to everything geek: Home & Small Business Networking, computer repairs, back up and more.

查看我的完整個人檔案

網誌封存

舉報濫用

「水印」主題. 由 Blogger 提供.