{"id":11808,"date":"2026-05-02T18:57:25","date_gmt":"2026-05-02T11:57:25","guid":{"rendered":"https:\/\/taichinhphowall.com\/index.php\/2026\/05\/02\/linux-exploit-copyfail-lo-hong-nguy-hiem-de-doa-hang-trieu-he-thong\/"},"modified":"2026-05-02T18:57:25","modified_gmt":"2026-05-02T11:57:25","slug":"linux-exploit-copyfail-lo-hong-nguy-hiem-de-doa-hang-trieu-he-thong","status":"publish","type":"post","link":"https:\/\/taichinhphowall.com\/index.php\/2026\/05\/02\/linux-exploit-copyfail-lo-hong-nguy-hiem-de-doa-hang-trieu-he-thong\/","title":{"rendered":"Linux exploit CopyFail: L\u1ed7 h\u1ed5ng nguy hi\u1ec3m \u0111e d\u1ecda h\u00e0ng tri\u1ec7u h\u1ec7 th\u1ed1ng"},"content":{"rendered":"<div>\n<p>S\u1ef1 xu\u1ea5t hi\u1ec7n c\u1ee7a l\u1ed7 h\u1ed5ng Linux exploit CopyFail, \u0111\u01b0\u1ee3c \u0111\u1ecbnh danh l\u00e0 CVE-2026-31431, \u0111ang t\u1ea1o ra m\u1ed9t c\u01a1n \u0111\u1ecba ch\u1ea5n trong c\u1ed9ng \u0111\u1ed3ng b\u1ea3o m\u1eadt to\u00e0n c\u1ea7u. \u0110\u00e2y l\u00e0 m\u1ed9t l\u1ed7i leo thang \u0111\u1eb7c quy\u1ec1n c\u1ee5c b\u1ed9 (LPE) cho ph\u00e9p b\u1ea5t k\u1ef3 ng\u01b0\u1eddi d\u00f9ng kh\u00f4ng c\u00f3 \u0111\u1eb7c quy\u1ec1n n\u00e0o c\u0169ng c\u00f3 th\u1ec3 chi\u1ebfm quy\u1ec1n qu\u1ea3n tr\u1ecb (root) tr\u00ean h\u1ea7u h\u1ebft c\u00e1c b\u1ea3n ph\u00e2n ph\u1ed1i Linux hi\u1ec7n h\u00e0nh. V\u1edbi m\u00e3 khai th\u00e1c \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 c\u00f4ng khai, c\u00e1c h\u1ec7 th\u1ed1ng trung t\u00e2m d\u1eef li\u1ec7u, thi\u1ebft b\u1ecb c\u00e1 nh\u00e2n v\u00e0 h\u1ea1 t\u1ea7ng \u0111\u00e1m m\u00e2y \u0111ang \u0111\u1ee9ng tr\u01b0\u1edbc nguy c\u01a1 b\u1ecb chi\u1ebfm quy\u1ec1n ki\u1ec3m so\u00e1t ch\u1ec9 trong v\u00e0i gi\u00e2y.<\/p>\n<figure>\n  <img decoding=\"async\" src=\"https:\/\/taichinhphowall.com\/wp-content\/uploads\/2026\/05\/image-UHVibGljbHlyZWxlYXNlZGV4.jpg\" alt=\"Linux exploit CopyFail - Ngu\u1ed3n \u1ea3nh: wired.com\" \/><figcaption><em>\u1ea2nh t\u1eeb ngu\u1ed3n: wired.com<\/em><\/figcaption><\/figure>\n<h2>B\u1ea3n ch\u1ea5t k\u1ef9 thu\u1eadt \u0111\u1eb1ng sau Linux exploit CopyFail<\/h2>\n<p>Nh\u00ecn s\u00e2u v\u00e0o b\u1ea3n ch\u1ea5t c\u1ee7a Linux exploit CopyFail, v\u1ea5n \u0111\u1ec1 b\u1eaft ngu\u1ed3n t\u1eeb m\u1ed9t sai s\u00f3t logic &#8220;th\u1eb3ng t\u1eafp&#8221; n\u1eb1m trong API m\u1eadt m\u00e3 c\u1ee7a kernel. C\u1ee5 th\u1ec3, quy tr\u00ecnh khu\u00f4n m\u1eabu AEAD \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng cho c\u00e1c chu\u1ed7i s\u1ed1 m\u1edf r\u1ed9ng IPsec kh\u00f4ng th\u1ef1c hi\u1ec7n \u0111\u00fang ch\u1ee9c n\u0103ng sao ch\u00e9p d\u1eef li\u1ec7u. Thay v\u00e0o \u0111\u00f3, n\u00f3 s\u1eed d\u1ee5ng b\u1ed9 \u0111\u1ec7m \u0111\u00edch c\u1ee7a ng\u01b0\u1eddi g\u1ecdi nh\u01b0 m\u1ed9t b\u1ea3n nh\u00e1p, ghi \u0111\u00e8 4 byte v\u01b0\u1ee3t ra ngo\u00e0i v\u00f9ng \u0111\u1ea7u ra h\u1ee3p l\u1ec7 m\u00e0 kh\u00f4ng bao gi\u1edd kh\u00f4i ph\u1ee5c l\u1ea1i d\u1eef li\u1ec7u ban \u0111\u1ea7u. S\u1ef1 c\u1ed1 n\u00e0y t\u1ea1o ra m\u1ed9t khe h\u1edf b\u1ea3o m\u1eadt nghi\u00eam tr\u1ecdng, kh\u00f4ng c\u1ea7n \u0111\u1ebfn c\u00e1c k\u1ef9 thu\u1eadt ph\u1ee9c t\u1ea1p nh\u01b0 race condition hay l\u1ed7i h\u1ecfng b\u1ed9 nh\u1edb v\u1ed1n th\u01b0\u1eddng thi\u1ebfu \u1ed5n \u0111\u1ecbnh tr\u00ean c\u00e1c phi\u00ean b\u1ea3n kernel kh\u00e1c nhau.<\/p>\n<p>V\u00ec \u0111\u00e2y l\u00e0 l\u1ed7i logic thu\u1ea7n t\u00fay, m\u00e3 khai th\u00e1c ho\u1ea1t \u0111\u1ed9ng c\u1ef1c k\u1ef3 \u1ed5n \u0111\u1ecbnh tr\u00ean m\u1ecdi h\u1ec7 th\u1ed1ng \u0111\u00edch, t\u1eeb Ubuntu 22.04, Amazon Linux 2023 cho \u0111\u1ebfn SUSE 15.6 v\u00e0 Debian 12. \u0110i\u1ec1u n\u00e0y gi\u1ea3i th\u00edch t\u1ea1i sao c\u00e1c chuy\u00ean gia b\u1ea3o m\u1eadt l\u1ea1i g\u1ecdi \u0111\u00e2y l\u00e0 m\u1ed9t trong nh\u1eefng l\u1ed7 h\u1ed5ng &#8220;leo thang l\u00ean root&#8221; t\u1ed3i t\u1ec7 nh\u1ea5t trong th\u1eddi gian g\u1ea7n \u0111\u00e2y, c\u00f3 m\u1ee9c \u0111\u1ed9 \u0111e d\u1ecda t\u01b0\u01a1ng \u0111\u01b0\u01a1ng v\u1edbi nh\u1eefng ti\u1ec1n l\u1ec7 nguy hi\u1ec3m nh\u01b0 Dirty Pipe hay Dirty Cow.<\/p>\n<h2>H\u1ec7 l\u1ee5y kh\u00f4n l\u01b0\u1eddng \u0111\u1ed1i v\u1edbi h\u1ea1 t\u1ea7ng s\u1ed1<\/h2>\n<p>S\u1ef1 nguy hi\u1ec3m c\u1ee7a CopyFail kh\u00f4ng ch\u1ec9 d\u1eebng l\u1ea1i \u1edf c\u00e1c m\u00e1y ch\u1ee7 \u0111\u01a1n l\u1ebb m\u00e0 c\u00f2n m\u1edf r\u1ed9ng \u0111\u1ebfn c\u00e1c ki\u1ebfn tr\u00fac hi\u1ec7n \u0111\u1ea1i. Trong m\u1ed9t th\u1ebf gi\u1edbi n\u01a1i c\u00e1c container ch\u1ea1y tr\u00ean Kubernetes, c\u00e1c instance tr\u00ean WSL2, hay c\u00e1c t\u00e1c nh\u00e2n AI t\u1ef1 h\u00e0nh \u0111\u1ec1u chia s\u1ebb chung m\u1ed9t Linux kernel, vi\u1ec7c m\u1ed9t k\u1ebb t\u1ea5n c\u00f4ng chi\u1ebfm \u0111\u01b0\u1ee3c quy\u1ec1n root tr\u00ean host \u0111\u1ed3ng ngh\u0129a v\u1edbi vi\u1ec7c x\u00f3a b\u1ecf ho\u00e0n to\u00e0n r\u00e0o c\u1ea3n ng\u0103n c\u00e1ch gi\u1eefa c\u00e1c tenant. Gi\u1ed1ng nh\u01b0 c\u00e1ch m\u00e0 <a href=\"https:\/\/taichinhphowall.com\/index.php\/2026\/05\/01\/giao-thuc-thanh-toan-ai-cua-okx-ky-nguyen-moi-cua-cac-tac-nhan-tu-hanh-trong-nen-kinh-te-so\/\">Giao th\u1ee9c thanh to\u00e1n AI c\u1ee7a OKX<\/a> \u0111ang ti\u00ean phong trong vi\u1ec7c \u0111\u1ecbnh h\u00ecnh c\u00e1c t\u00e1c nh\u00e2n t\u1ef1 h\u00e0nh, c\u00e1c h\u1ec7 th\u1ed1ng n\u00e0y hi\u1ec7n \u0111ang \u0111\u1ed1i m\u1eb7t v\u1edbi nguy c\u01a1 b\u1ecb b\u1ebb g\u00e3y quy\u1ec1n ki\u1ec3m so\u00e1t t\u1eeb b\u00ean trong b\u1edfi ch\u00ednh l\u1ed7 h\u1ed5ng kernel n\u00e0y.<\/p>\n<p>Khi k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 c\u00f3 ch\u1ed7 \u0111\u1ee9ng (shell access) th\u00f4ng qua m\u1ed9t l\u1ed7 h\u1ed5ng \u1ee9ng d\u1ee5ng \u0111\u01a1n gi\u1ea3n, CopyFail tr\u1edf th\u00e0nh ch\u00eca kh\u00f3a \u0111\u1ec3 ch\u00fang n\u00e2ng c\u1ea5p quy\u1ec1n truy c\u1eadp, t\u1eeb \u0111\u00f3 \u0111\u1ecdc d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, c\u00e0i \u0111\u1eb7t backdoor ho\u1eb7c th\u1ef1c hi\u1ec7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng leo thang v\u00e0o c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c trong c\u00f9ng m\u1ea1ng l\u01b0\u1edbi. M\u1ed1i \u0111e d\u1ecda n\u00e0y c\u00e0ng tr\u1edf n\u00ean nghi\u00eam tr\u1ecdng khi b\u1ed1i c\u1ea3nh <a href=\"https:\/\/taichinhphowall.com\/index.php\/2026\/05\/01\/thi-truong-crypto-doi-mat-lan-song-hack-ky-luc-khi-tai-san-so-tro-thanh-con-moi-trong-ky-nguyen-phi-tap-trung\/\">Th\u1ecb tr\u01b0\u1eddng crypto \u0111\u1ed1i m\u1eb7t l\u00e0n s\u00f3ng hack k\u1ef7 l\u1ee5c<\/a> \u0111ang cho th\u1ea5y t\u00e0i s\u1ea3n s\u1ed1 tr\u1edf th\u00e0nh m\u1ee5c ti\u00eau \u01b0u ti\u00ean, vi\u1ec7c m\u1ea5t quy\u1ec1n ki\u1ec3m so\u00e1t h\u1ec7 \u0111i\u1ec1u h\u00e0nh ch\u00ednh l\u00e0 c\u1eeda ng\u00f5 \u0111\u1ec3 c\u00e1c hacker nh\u1eafm v\u00e0o v\u00ed v\u00e0 c\u00e1c private key quan tr\u1ecdng.<\/p>\n<h2>Kho\u1ea3ng tr\u1ed1ng gi\u1eefa c\u00f4ng b\u1ed1 v\u00e0 kh\u1eafc ph\u1ee5c<\/h2>\n<p>M\u1ed9t kh\u00eda c\u1ea1nh \u0111\u00e1ng quan ng\u1ea1i l\u00e0 quy tr\u00ecnh c\u00f4ng b\u1ed1 l\u1ed7 h\u1ed5ng n\u00e0y. M\u1eb7c d\u00f9 nh\u00f3m nghi\u00ean c\u1ee9u t\u1eeb Theori \u0111\u00e3 l\u00e0m vi\u1ec7c v\u1edbi \u0111\u1ed9i ng\u0169 b\u1ea3o m\u1eadt Linux kernel t\u1eeb tr\u01b0\u1edbc, nh\u01b0ng vi\u1ec7c c\u00f4ng b\u1ed1 m\u00e3 khai th\u00e1c c\u00f4ng khai trong khi h\u1ea7u h\u1ebft c\u00e1c b\u1ea3n ph\u00e2n ph\u1ed1i Linux ch\u01b0a k\u1ecbp ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 \u0111\u00e3 t\u1ea1o ra m\u1ed9t &#8220;kho\u1ea3ng tr\u1ed1ng patch zero-day&#8221;. Nhi\u1ec1u chuy\u00ean gia b\u1ea3o m\u1eadt \u0111\u00e3 ch\u1ec9 tr\u00edch c\u00e1ch ti\u1ebfp c\u1eadn n\u00e0y l\u00e0 thi\u1ebfu ph\u1ed1i h\u1ee3p, v\u00ec th\u1ef1c t\u1ebf cho th\u1ea5y kh\u00f4ng ph\u1ea3i nh\u00e0 cung c\u1ea5p n\u00e0o c\u0169ng s\u1eb5n s\u00e0ng b\u1ea3n v\u00e1 khi th\u00f4ng tin v\u1ec1 l\u1ed7 h\u1ed5ng \u0111\u01b0\u1ee3c ph\u01a1i b\u00e0y ra th\u1ebf gi\u1edbi.<\/p>\n<p>Trong k\u1ef7 nguy\u00ean m\u00e0 <a href=\"https:\/\/taichinhphowall.com\/index.php\/2026\/05\/01\/thi-truong-tai-san-so-doi-mat-lan-song-siet-chat-phap-ly-va-su-troi-day-cua-rwa\/\">Th\u1ecb tr\u01b0\u1eddng t\u00e0i s\u1ea3n s\u1ed1 \u0111\u1ed1i m\u1eb7t l\u00e0n s\u00f3ng si\u1ebft ch\u1eb7t ph\u00e1p l\u00fd v\u00e0 s\u1ef1 tr\u1ed7i d\u1eady c\u1ee7a RWA<\/a>, vi\u1ec7c qu\u1ea3n tr\u1ecb r\u1ee7i ro h\u1ec7 th\u1ed1ng c\u00f4ng ngh\u1ec7 th\u00f4ng tin tr\u1edf n\u00ean quan tr\u1ecdng h\u01a1n bao gi\u1edd h\u1ebft. C\u00e1c qu\u1ea3n tr\u1ecb vi\u00ean h\u1ec7 th\u1ed1ng c\u1ea7n l\u1eadp t\u1ee9c ki\u1ec3m tra phi\u00ean b\u1ea3n kernel \u0111ang s\u1eed d\u1ee5ng, c\u1eadp nh\u1eadt c\u00e1c b\u1ea3n v\u00e1 m\u1edbi nh\u1ea5t t\u1eeb nh\u00e0 cung c\u1ea5p v\u00e0 \u00e1p d\u1ee5ng c\u00e1c bi\u1ec7n ph\u00e1p gi\u1ea3m thi\u1ec3u r\u1ee7i ro \u0111\u00e3 \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 \u0111\u1ec3 b\u1ea3o v\u1ec7 to\u00e0n v\u1eb9n d\u1eef li\u1ec7u tr\u01b0\u1edbc khi l\u1ed7 h\u1ed5ng Linux exploit CopyFail b\u1ecb khai th\u00e1c r\u1ed9ng r\u00e3i tr\u00ean th\u1ef1c t\u1ebf.<\/p>\n<p><em>B\u00e0i vi\u1ebft \u0111\u00e3 \u0111\u01b0\u1ee3c bi\u00ean t\u1eadp l\u1ea1i t\u1eeb ngu\u1ed3n: wired.com<\/em><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>S\u1ef1 xu\u1ea5t hi\u1ec7n c\u1ee7a l\u1ed7 h\u1ed5ng Linux exploit CopyFail, \u0111\u01b0\u1ee3c \u0111\u1ecbnh danh l\u00e0 CVE-2026-31431, \u0111ang t\u1ea1o ra m\u1ed9t c\u01a1n \u0111\u1ecba ch\u1ea5n trong c\u1ed9ng \u0111\u1ed3ng b\u1ea3o m\u1eadt to\u00e0n c\u1ea7u. \u0110\u00e2y l\u00e0 m\u1ed9t l\u1ed7i leo thang \u0111\u1eb7c quy\u1ec1n c\u1ee5c b\u1ed9 (LPE) cho ph\u00e9p b\u1ea5t k\u1ef3 ng\u01b0\u1eddi d\u00f9ng kh\u00f4ng c\u00f3 \u0111\u1eb7c quy\u1ec1n n\u00e0o c\u0169ng c\u00f3 th\u1ec3 chi\u1ebfm quy\u1ec1n [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11807,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[51],"tags":[],"class_list":["post-11808","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-va-web3"],"_links":{"self":[{"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/posts\/11808","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/comments?post=11808"}],"version-history":[{"count":0,"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/posts\/11808\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/media\/11807"}],"wp:attachment":[{"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/media?parent=11808"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/categories?post=11808"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/taichinhphowall.com\/index.php\/wp-json\/wp\/v2\/tags?post=11808"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}