Tag Archives: Ubuntu 26.04 LTS

Showing the exploting Copy Fail CVE-2026-31431 in an Ubuntu 24.04 just launched in Google Cloud, and how to fix it

So I show here how I launched a fresh Ubuntu 24.04 in Google Cloud, on 2026-05-04, and demostrate the exploit of escalation privileges Copy Fail (CVE-2026-31431) which allows you to become root from a regular user account in almost any Linux since year 2017.

It consists in the execution of a Python 3 code, which is only 732 bytes.

I show how I fixed it by upgrading the kernel and rebooting.

Here you can see the original tweet I saw: https://x.com/DarkWebInformer/status/2049579219190165658?s=20

And access the code: https://github.com/theori-io/copy-fail-CVE-2026-31431

I also tried on a fresh deployed Ubuntu 26.04 LTS and it was not affected by the exploit.

A bit of programming a Symfony 7.4 PHP 8.5 web application, with Windows 11, Docker Desktop, docker-compose.yml, Ubuntu 26.04 Container, Antigravity (AI Gemini 3 Flash), PHPStorm (video)

I show some tips and tricks.

Install Ubuntu 26.04 LTS Desktop in VirtualBox

A step by step guide, with some tricks and troubleshot.

Sudo problems in Ubuntu 26.04 LTS with Google Cloud: I’m sorry user. I’m afraid I can’t do that

I show in the video, how briefly after using sudo, it stops working.

I did this proof of concept and, I got the same problem:

sleep 300 && sudo cat /etc/lsb-release

Checking with:

id -nG

clearly showed that my user is part of google-sudoers But then:

journalctl -u google-guest-agent -f

Displays:

Apr 26 17:54:07 ubuntu26-04 google_guest_agent[851]: Adding existing user carles_mateo to google-sudoers group.
Apr 26 17:54:07 ubuntu26-04 gpasswd[89648]: user carles_mateo added by root to group google-sudoers
Apr 26 17:54:07 ubuntu26-04 google_guest_agent[851]: Updating keys for user carles_mateo.
Apr 26 17:54:11 ubuntu26-04 google_guest_agent[851]: Updating keys for user carles_mateo.
Apr 26 17:57:11 ubuntu26-04 google_guest_agent[851]: ERROR non_windows_accounts.go:219 invalid ssh key entry - expired key: carles_mateo:...google-ssh {"userName":"carles.mateo@gmail.com","expireOn":"2026-04-26T17:57:05+0000"}
Apr 26 17:57:11 ubuntu26-04 google_guest_agent[851]: ERROR non_windows_accounts.go:219 invalid ssh key entry - expired key: carles_mateo:ssh-rsa...
Apr 26 17:57:11 ubuntu26-04 google_guest_agent[851]: Removing user carles_mateo.
Apr 26 17:57:11 ubuntu26-04 gpasswd[89736]: user carles_mateo removed by root from group google-sudoers

Installing Ubuntu 26.04 LTS in Google Cloud Compute Engine

The video shows step by step how to create an Instance in Google Cloud Compute Engine of the type e2, increase the size of the disk, and install Ubuntu 26.04 LTS Server.

Also shows how the new htop looks, with new IO options.

You know that utilites from coreutils have been rewriten in Rust, like sudo. I was wondering if it would work well. I thoguht I was encountering the first problems, after I experienced that when launched sudo, like in example, a sudo apt install package , sudo then stops working and I’ve to exit the shell and relogin.

I found that it is Google Cloud that removes my user from google-sudoers after 3 minutes.

I explain it in here.

Carles Mateo

Blog on extreme IT, Development, Clouds, SRE, Operations, Start ups, Security, CTO and my thoughts