Sounds like this one is in the same kernel modules as dirtyfrag, so the existing mitigations (if in place) are sufficient.

▲ chasil 5 hours ago | parent [-]

RedHat's mitigation is this:

  $ cat /etc/modprobe.d/dirtyfrag.conf
  install esp4 /bin/false
  install esp6 /bin/false
  install rxrpc /bin/false

Are those correct for this exploit?

	▲	itintheory 4 hours ago \| parent \| next [-]
		Yep, that's the advice from AWS for the previous set of vulnerabilities: https://aws.amazon.com/security/security-bulletins/2026-027-... That one also includes disabling user namespaces. Could be problematic if they're in use.
	▲	LawnGnome 4 hours ago \| parent \| prev [-]
		I don't know, but the problem with blocking esp4 and esp6 is that IPsec stops working, as I understand it.