How the CopyFail disclosure went sideways

How the CopyFail disclosure went sideways

From Risky Business Features by Risky Business Media

May 21, 2026 · 19 min

About this episode

The episode discusses the issues surrounding the premature public disclosure of the CopyFail exploit and its implications for open source software.

In this episode, Theori’s Brian Pak and Andrew Wesie join James Wilson to discuss why the CopyFail exploit was publicly disclosed before Linux distributions had their patches ready. As you’ll hear in this episode, mistakes were made and lessons learned. It’s worth a podcast, too, because in our opinion this incident foreshadows the inevitable problems that open source software will face in the unfolding vulnpocalypse.

People in this episode

Host: James Wilson

Guests: Brian Pak, Andrew Wesie

Topics covered

  • CopyFail exploit
  • public disclosure
  • Linux patches
  • open source software
  • security vulnerabilities
  • lessons learned

Keywords

  • CopyFail
  • exploit
  • Linux
  • public disclosure
  • open source
  • security
  • vulnerabilities
  • patches
  • lessons learned

Mentioned in this episode

Organizations: Theori, Linux

More episodes of Risky Business Features

Explore listener stats, chart rankings, contacts and more on the Risky Business Features podcast page.