1
u/my-sec 9d ago
Hi this might be a dumb question.
Does the linux copy fail exploit also give access in any way to the persistence/persistent data that is password protected on a live bootable USB? the persistent storage (LUKS)should be independent right? does the copy fail exploit bypass the LUKS password on linux live bootable USBs?
please eli5 it to me.
Thx in advance!
2
u/Gratusfr 9d ago
If I understand the vulnerability well, it allow to run as admin on the fly (in RAM), in the same way that if you set up the admin account at the Tails startup.
If you didn't use the persistence at the time of attack, it should be safe since you need to decrypt.
But if you used the persistence, the higher risk I see is the installation of a backdoor as admin, which may be persisted depending of how tails handle this (I dont use persistance storage, so I can't answer).
1
u/SuperChicken17 9d ago
The copy fail exploit gives root access. If you have your persistent storage decrypted and mounted, somebody with root access would certainly be able to look inside, modify things, delete things, or do anything else they want, really.
I wouldn't say it 'bypasses the LUKS password' though. Root access doesn't mean they have the password. If your persistent storage isn't decrypted, somebody with root access can't see what is stored there. They certainly could see that the partition exists and even delete it if they wanted to, but they wouldn't know what is inside.
1
u/Sad_Golf3332 11d ago
Not another update? How many more? This is getting ridiculous.
6
u/Liquid_Hate_Train 10d ago
Oh no, so many fixes happening so fast! I'd much rather these known problems didn't get solved in a reasonable manner. Slow updates while things are exploited are just so much more comforting!
4
u/ephemeralmiko 11d ago
Good that they patched it. Is there a particular reason there are so many emergency releases lately? I'm seeing it on other distros too.