embedding-shape 3 hours ago

For mitigation, the page currently basically just says:

> Update your distribution's kernel package to one that includes mainline commit a664bf3d603d

But it isn't very clear to me what Kernel version you can expect that to be in. For Arch/CachyOS, the patch seems to be included in 6.18.22+, 6.19.12+ and 7.0+. If you're on any of the lower versions in the same upstream stable series, you're likely vulnerable right now. Some distro kernels may include the fix in other versions, so check for your distribution.

kro 3 hours ago

Major os vendors will publish pages with the fixed versions:

https://security-tracker.debian.org/tracker/CVE-2026-31431
https://ubuntu.com/security/CVE-2026-31431

Also, disabling algif_aead is suggested as mitigation

1p09gj20g8h 2 hours ago

Where are you seeing the disabling algif_aead mitigation?

oskarkk 2 hours ago

In TFA: https://copy.fail/#mitigation

> Before you can patch: disable the algif_aead module.
> echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
> rmmod algif_aead 2>/dev/null || true

Edit: and I can confirm that on my system with kernel 6.19.8 the above fixes the exploit.

comfydragon 32 minutes ago

Weirdly, the mitigation does not seem to work under WSL2 (at least in Ubuntu 24.04).

    Linux wsl2 6.6.87.2-microsoft-standard-WSL2 ...

`modprobe algif_aead` errors out, but if I run the POC, it succeeds.

Outside of WSL2, the mitigation does appear to work though.

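A check for whether the modprobe workaround quoted above actually takes effect on a given machine, added here as an example and not part of the thread or of the linked page. The function names and status words are made up for this example; it looks only at `/etc/modprobe.d`, `/proc/modules` and `modules.builtin`, and treats a missing `modules.builtin` as "not built in", which is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): is the algif_aead workaround effective?
# Paths are parameters so the checks can be pointed at test fixtures.
# Only one config directory is scanned; modprobe also reads
# /usr/lib/modprobe.d and /run/modprobe.d.

# 0 if some *.conf in DIR has an uncommented "install algif_aead ..." rule.
has_install_rule() {
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        grep -Eq '^[[:space:]]*install[[:space:]]+algif[_-]aead[[:space:]]' "$f" && return 0
    done
    return 1
}

# 0 if the module is loaded according to a /proc/modules-style file.
is_loaded() {
    [ -r "$1" ] && grep -q '^algif_aead ' "$1"
}

# 0 if the code is compiled into the kernel image (listed in modules.builtin).
# A modprobe install rule has no effect on built-in code.
is_builtin() {
    [ -r "$1" ] && grep -Eq '(^|/)algif_aead\.ko$' "$1"
}

# Prints one of: builtin, loaded, blocked, unmitigated
algif_aead_status() {
    conf_dir=$1 proc_modules=$2 builtin_list=$3
    if is_builtin "$builtin_list"; then
        echo builtin        # rule cannot help; only a fixed kernel does
    elif is_loaded "$proc_modules"; then
        echo loaded         # rule or not, the module is live until rmmod
    elif has_install_rule "$conf_dir"; then
        echo blocked        # not loaded and future loads are refused
    else
        echo unmitigated
    fi
}

algif_aead_status /etc/modprobe.d /proc/modules \
    "/lib/modules/$(uname -r)/modules.builtin"
```

Anything other than `blocked` means the workaround alone is not protecting the machine and the kernel update is the remaining option.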
nh2 2 hours ago

On a git repo that has as remotes:

    https://github.com/torvalds/linux.git
    https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

running a search for commit a664bf3d603d's commit message:

    git log --all --grep 'crypto: algif_aead - Revert to operating out-of-place' '--format=%H' | xargs -I '{}' git tag --contains '{}' | sort -u

outputs these tags as having the fix:

    v6.18.22
    v6.18.23
    v6.18.24
    v6.18.25
    v6.19.12
    v6.19.13
    v6.19.14
    v7.0
    v7.0.1
    v7.0.2
    v7.0-rc7
    v7.1-rc1