US CISA adds ‘crazy’ Linux Copy Fail bug to watchlist


According to security researchers, the newly discovered vulnerability could affect most major open source Linux distributions released since 2017.

The vulnerability, titled “Copy Fail,” caught the attention of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which added it to its Known Exploited Vulnerabilities (KEV) catalog on Saturday, warning that it poses a “significant risk to the federal enterprise.”

“10 Lines of Python” might be enough: Researcher

The vulnerability could allow attackers to gain root access on a wide range of Linux systems using a 732-byte Python script, although it requires prior code execution on the system to escalate privileges.


Researcher Miguel Angel Duran said that it requires only “10 lines of Python” to gain root access on any affected system.

“This Linux vulnerability is crazy,” Duran said.

Linux is an operating system widely used by cryptocurrency exchanges, blockchain nodes and custody services for its security and performance, which means the vulnerability could potentially pose a threat to the sector if attackers gain initial access.

The exploit was originally reported in March

Xint Code said in a Saturday post on X that the flaw “is an easily exploitable logic bug in Linux, available on all major distributions released in the last 9 years.”

“A small, portable Python script gets rooted on all platforms,” Xint Code said.

Brian Pak, CEO of cybersecurity firm Theori, said in a Saturday post on X that he “privately” reported the vulnerability to the Linux kernel security team on March 23.

“We worked with them on patches that went live in the main release on April 1. The CVE was assigned on April 22. We made it public on April 29 with a full description and PoC,” Pak said.

Cointelegraph is committed to independent, transparent journalism. This news article has been produced in accordance with Cointelegraph’s Editorial Policy and is intended to provide accurate and up-to-date information. Readers are encouraged to verify the information themselves.