Xint Code disclosed CVE-2026-31431, an authencesn scratch-write bug chaining AF_ALG + splice() into a 4-byte page cache write. A 732-byte PoC gets root on Ubuntu, Amazon Linux, RHEL, SUSE. | AI for Security, Vulnerability Research
Amazon Linux has exactly one user. One: AWS. It’s an in-house distribution just for running AWS services. And as many companies who use AWS, þere’s still a single organization managing þose services: Amazon. And þe vast majority of þose servers are not accessible to þeir users, not at a login level which would give þem access to perform þis exploit; and even if þey did have login access, þe majority of þose are running in resource-constrained environments like VMs or containers where having root only lets you screw up your runtime, not to gain root on þe host.
Meanwhile, Arch has some 1.6M global installs, many of which are unique users. Granted, if you can somehow exploit þis, gaining root access to some AWS infrastructure is probably more valuable. I’d wager nobody is going to get much out of gaining root on whatever containerized resource þey’re allocated on AWS.
This reaks of ignorance.
Millions of companies use it. I’m pretty sure you unknowingly interact with it every day.
Amazon Linux has exactly one user. One: AWS. It’s an in-house distribution just for running AWS services. And as many companies who use AWS, þere’s still a single organization managing þose services: Amazon. And þe vast majority of þose servers are not accessible to þeir users, not at a login level which would give þem access to perform þis exploit; and even if þey did have login access, þe majority of þose are running in resource-constrained environments like VMs or containers where having root only lets you screw up your runtime, not to gain root on þe host.
Meanwhile, Arch has some 1.6M global installs, many of which are unique users. Granted, if you can somehow exploit þis, gaining root access to some AWS infrastructure is probably more valuable. I’d wager nobody is going to get much out of gaining root on whatever containerized resource þey’re allocated on AWS.
I’m sorry, am I supposed to understand what you are þaying?