This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions.

Local privilege escalations are never good, but typically are not “Internet-melters”: they are significantly less dangerous than remote vulnerabilities, but are often combined with a remote vulnerability to gain complete access to a system.

This time, the vulnerability is in the Linux kernel’s handling of cryptographic functions used in IPSec. The mistake allows writing into the in-memory cache of file data; this allows modifying what the system thinks a file contains, without ever touching the contents of the actual file. Coupled with a suid binary — a binary configured to always run as root, no matter what user starts it — the binary can be modified to run any code as root. In this case, that means launching a new interactive shell. Nearly every distribution includes several standard suid binaries, such as the command su, which requires root privileges to switch users.
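A defender-side check for the tampering described above, as an added example (not from the original article or from Theori): it hashes each setuid-root binary once through the page cache and once with O_DIRECT, which reads the on-disk blocks, and reports any difference. It assumes the altered cache pages are never written back to disk, as the article describes; the function names and the default directory list are illustrative.

```python
import hashlib
import mmap
import os
import stat

CHUNK = 1 << 20  # read size; a multiple of common block sizes, as O_DIRECT needs

def hash_cached(path):
    """SHA-256 of the file as the page cache serves it (what exec would map)."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def hash_on_disk(path):
    """SHA-256 of the on-disk bytes via O_DIRECT; None if that is not possible."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_DIRECT)
    except (AttributeError, OSError):  # no O_DIRECT, unreadable, or fs refuses
        return None
    h, buf = hashlib.sha256(), mmap.mmap(-1, CHUNK)  # anonymous map: page-aligned
    try:
        while True:
            n = os.readv(fd, [buf])
            h.update(buf[:n])
            if n < CHUNK:  # short read = EOF; avoids an unaligned follow-up read
                return h.hexdigest()
    except OSError:
        return None
    finally:
        buf.close()
        os.close(fd)

def check(path):
    """Compare the cached and on-disk views of one file."""
    disk = hash_on_disk(path)
    if disk is None:
        return "unsupported"
    return "match" if hash_cached(path) == disk else "MISMATCH"

def scan(dirs=("/usr/bin", "/usr/sbin")):  # assumed locations, adjust per distro
    """Map each setuid-root regular file under dirs to its check() verdict."""
    results = {}
    for d in filter(os.path.isdir, dirs):
        for entry in os.scandir(d):
            st = entry.stat(follow_symlinks=False)
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID and st.st_uid == 0:
                results[entry.path] = check(entry.path)
    return results

if __name__ == "__main__":
    for path, verdict in sorted(scan().items()):
        print(f"{verdict:11} {path}")
```

Run it as root so every setuid binary is readable; "unsupported" means the file could not be read with O_DIRECT, not that it is clean.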

The bug is pervasive, impacting kernels from 2017, and can be triggered on any distribution where the IPSec kernel modules are enabled and loaded, which is the vast majority of them. Kernel patches are available, and most distributions should have them at this point. For the average home user, you’ll want to upgrade as soon as is practical; for services with untrusted users or containerized systems which might run untrusted workloads, if updating immediately is not practical, Theori has mitigation suggestions on the blog post.

Running Linux On The PS5 With A Hypervisor Exploit

Since Sony’s PlayStation 5 console is quite literally an AMD-based gaming PC with a custom mainboard, the only thing that really keeps anyone from just installing another operating system on it is the hypervisor-based firmware. Since in older firmware for the original ‘phat’ PlayStation 5 there exists a hypervisor exploit, this logically means that you can totally run Linux on them, as demonstrated by [Andy Nguyen] with the PS5-linux project on GitHub.

PS5 firmware version 5.x from 2022 seems to have at least partially addressed this particular vulnerability, so this leaves firmware versions 3.x and 4.x supported by PS5-linux for now. Firmware versions 1.x and 2.x also have this vulnerability, but [Andy] hasn’t added support for these yet. The prospect of running PS5-linux on 5.x firmware is less certain, but it’s reckoned that since the OS would then run inside the hypervisor it’d be quite limited in its functionality. Firmware versions 6+ are currently still firmly locked-down.

If you have an original PS5 kicking around with the right firmware version, to use the project you need a 64+ GB USB drive to run from and USB dongles for Wi-Fi/Ethernet. For Bluetooth support you also need a dongle. With the USB drive inserted into the console, on boot it runs the jailbreak exploit and sends the bootloader as payload. If all goes well you should then see the desktop of Ubuntu 26.04 Resolute Raccoon pop up.

It’s arguable how practical this currently is, but since it doesn’t modify the PS5 firmware it’s not permanent at least. Unfortunately Linux doesn’t have drivers for much of the PS5’s hardware, so the available video resolutions are limited, power management features such as standby are not working, and there are currently bugs related to HDMI audio and video output on some monitors.

It’s unfortunate that features like OtherOS (before it got pulled) on the PlayStation 3 or the official Linux for the PlayStation 2 aren’t a thing any more, but this hack offers at least some glimpse of what that could have been like for a modern Sony console.

Is It A Pet? No, It’s A Teacher’s Pet!

Here at Hackaday we cover the world of retrocomputing, which means that we see all manner of older computers in our everyday work. We might even claim that we’ve seen them all, were it not that every now and then something comes along which surprises us. [Tynemouth Software] has done just that, with an unexpected Commodore. It’s a Commodore 4064, something that was new to us, but which is best described as a Commodore 64 in a PET case. He’s bringing this one back to life.

For those with weak early-Commodore-fu, maybe it’s worth a quick recap. The PET was Commodore’s big hit from the late 1970s, and it took the form of an all-in-one machine with a CRT display built in. They packed a 6502, BASIC, blocky monochrome graphics, and unexpectedly an IEEE-488, or GPIB port. Meanwhile the 64 was the company’s smash hit early 1980s home computer in a compact console design, with high-res color graphics for the time on your TV, and a synthesizer chip that’s still legendary in 2026. Combining a 64 mainboard with the super-robust PET case appears to have been part of Commodore’s business and education offerings.

This one appears to have been in the damp, because that board is definitely more than a bit grubby. After a lot of debugging its power and video circuits, including an unexpected sync splitter board to drive the non-composite monitor, he narrows down the problem to a dodgy ROM and some memory errors.

It seems there’s some question in Commodore enthusiast circles as to whether these machines were assembled from surplus PET parts, but he puts that one to bed by pointing out the custom metalwork and the few custom Commodore 64 features on the board. All in all it’s an interesting dive into an unusual 8-bit machine.

We’ve seen [Tynemouth] a few times here, perhaps most notably with their modern take on a ZX80.