pcdoyle/copy-fail-cve-2026-31431

Fork 1

8 releases 11 tags

RSS feed

v1.202605.011 0ea6d57e7c

v1.202605.011 Stable

pcdoyle released this 2026-05-05 04:22:47 +00:00 | 1 commits to main since this release

Changes (Major Update v0 -> v1)

Regularized output so that all commands/switches allow for json output (--format json|text|pretty).
All commands now "pretty print" with lipgloss, previously only the main report printed pretty output.
Minor bug fixes, minor display fixes, added a --width option when pretty printing.
Lots of visual improvements, and output improvements.
kmod has better instructions on how to download the kernal headers and other required components (none require a reboot).
Increased tests for kprobe and kmod on RHEL-family installs (64-bit), all currently supported versions (8/9/10) of: RHEL/Rocky/Alma/Oracle/CentOS.
Tested on all currently supported Debian/Ubuntu versions.
Tested on VMware ESX 8/9 and vSphere 8/9 (none we tested were vulnerable)
Tested on Proxmox (modprobe works)
Tested on ArchLinux (most people would be on an unaffected kernel)
Tested on Linux Mint.

Automatic Install

Auto-detects your arch, downloads the right binary into $(pwd), and verifies its SHA-256 against the published SHA256SUMS:

curl -fsSL https://copyfail.pcdoyle.dev/install.sh | sh

Always grabs the latest release. Exits non-zero on checksum mismatch and removes the bad file.

Manual Downloads

Binary	Target	When to grab
`cvecheck-linux-x86_64`	Linux x86-64 (Intel/AMD 64-bit)	Default for servers, desktops, laptops, most VMs/containers. Ubuntu/Debian/RHEL/Fedora/Rocky/Alma/Oracle/SUSE/Alpine/Arch on x86_64.
`cvecheck-linux-arm64`	Linux ARM 64-bit (aarch64)	AWS Graviton, Ampere Altra, Apple Silicon Linux VMs, Raspberry Pi 4/5 (64-bit OS), Oracle/Azure ARM instances.
`cvecheck-linux-x86`	Linux x86 32-bit (i386 / i686)	Legacy 32-bit hosts only. Old industrial boxes, ancient VMs. Skip unless you know you need it.

Pick the right one for your system (quick guide)

Run uname and check the output.

uname -m
# x86_64      -> cvecheck-linux-x86_64
# aarch64     -> cvecheck-linux-arm64
# i686 / i386 -> cvecheck-linux-x86

Verify manually

SHA256SUMS is published as a release asset alongside the binaries. Each
line is <sha256> <filename>.

# Download the binary you want plus the checksum file.
curl -LO https://git.pcdoyle.dev/pcdoyle/copy-fail-cve-2026-31431/releases/download/latest/cvecheck-linux-x86_64
curl -LO https://git.pcdoyle.dev/pcdoyle/copy-fail-cve-2026-31431/releases/download/latest/SHA256SUMS

# Verify (only checks files present in the current directory).
sha256sum --ignore-missing -c SHA256SUMS
# cvecheck-linux-x86_64: OK

Inline form (no SHA256SUMS download):

echo "<paste-hash-here> cvecheck-linux-x86_64" | sha256sum -c -

Run

chmod +x cvecheck-linux-x86_64
./cvecheck-linux-x86_64                    # pretty styled report
./cvecheck-linux-x86_64 --format=json | jq # SIEM/automation
./cvecheck-linux-x86_64 --quiet; echo $?   # exit code only
sudo ./cvecheck-linux-x86_64               # needed when /boot is root-only

Downloads

cvecheck-linux-arm64
324,910 downloads · 2026-05-05 04:22:43 +00:00 · 5.1 MiB
cvecheck-linux-x86
40,115 downloads · 2026-05-05 04:22:43 +00:00 · 4.8 MiB
cvecheck-linux-x86_64
1,875,778 downloads · 2026-05-05 04:22:44 +00:00 · 7.1 MiB
SHA256SUMS
2,097,158 downloads · 2026-05-05 04:22:43 +00:00 · 260 B