It does? The disclosure even says the concern for single user systems is very low. If someone has access to your single user system, remote or otherwise, you’ve already lost on the sort of device people would be switching from windows to Linux on.

> The disclosure even says the concern for single user systems is very low.

For single user systems (not rigorously defined, I presume it's the intersection of our two definitions which we might be talking about) the nature of the exploit is local privilege escalation, of which there could be many possible, and many mitigations / countermeasures against. This could have suddenly appeared from the ether of "unknown unknowns" for some people.

Those people farther up the food chain still potentially have service accounts, maybe even user accounts for some purposes, perhaps "trusted" services which deliver them code which they deserialize and run once. (Have a pickle.)

severity * impact * likelihood

Not everyone looking to migrate from Windows 95 plans to run everything as root afterward.

On the copy.fail site:

    echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
    rmmod algif_aead 2>/dev/null || true

Someone like an AI coding agent perhaps ? This is the type of thing Prompt injection was made for.

No OS is perfect. The awkward rollout for this bug fix is proof of that.