Hi all,
From what I can tell, the current version of IodéOS is running a version of the Linux kernel (6.1.145) that is affected by the “Copy Fail" vulnerability.
Android is different enough from desktop Linux that I don’t know what the risk factor is, but I was wondering if there is a parch in the works.
Thanks all!
Each Android device has their own custom kernel version based on manufacturer support and applied patches, etc: none of them run “mainline Linux” unfortunately. As I think you may be on a Pixel (?) then the update / patch will come from Google for certain Android versions. These updates (again per-Android version) are then integrated at the iodéOS level when new builds are made.
I saw this article a little while back, and because of the wording, I though it only applied to GOS, but now that I’ve read it more carefully, it seems that all recent android versions are immune to CopyFail:
IMHO, the question is, are there any suid f binaries available on a common android device (as long as it’s not rooted, that is)? Else, i think, the vector is missing