| ▲ | KamiNuvini 2 hours ago | |
Does anyone know whether Debian is vulnerable? I tried the exploit on a Debian 12+Debian 13 machine but wasn't able to reproduce it myself. | ||
| ▲ | thaniri an hour ago | parent | next [-] | |
I was able to reproduce this issue on kernel 6.12.57+deb13-amd64 running Debian 13 (Trixie), but unable to reproduce it on kernel 6.1.0-42-amd64 running Debian 12 (Bookworm). For anyone not on the security stream of Debian packages for Bookworm, kernel version 6.1.0-42-amd64 is actually immune to copy.fail. Surprising that it looks to be immune to dirtyfrag. If you haven't already patched on the security stream, you can choose any kernel version that kept commit 2b8bbc64b5c2. I am thinking that the same commit might accidentally be keeping certain Debian 12 kernel versions safe from dirtyfrag as well. | ||
| ▲ | cholmon an hour ago | parent | prev | next [-] | |
I just tried the exploit on a fresh Debian 13 droplet on digitalocean and it worked. | ||
| ▲ | louwrentius 37 minutes ago | parent | prev [-] | |
I tested on a fully up-to-date Debian 13 and the exploit works. The mitigation also works / confirmed. | ||