Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local privilege escalations are never good, but they are typically not “Internet-melters”: they are significantly less dangerous than remote vulnerabilities, though they are often combined with a remote vulnerability to gain complete access to a system. This time, the vulnerability is in the Linux kernel's handling of cryptographic functions used in IPsec. The mistake allows writing into the in-memory cache of file data, which in turn allows modifying what the system thinks a file contains without ever touching the contents of the actual file. Coupled with a suid binary (a binary configured to always run as root, no matter what user starts it), this means the binary can be modified to run any code as root. In this case, that means launching a new interactive shell.…