Remix clone Hacker News

new | show | ask | jobs Github

	▲	chasil 5 hours ago
		RedHat's mitigation is this: `$ cat /etc/modprobe.d/dirtyfrag.conf install esp4 /bin/false install esp6 /bin/false install rxrpc /bin/false` Are those correct for this exploit? https://access.redhat.com/security/vulnerabilities/RHSB-2026...
	▲	itintheory 4 hours ago \| parent \| next [-]
		Yep, that's the advice from AWS for the previous set of vulnerabilities: https://aws.amazon.com/security/security-bulletins/2026-027-... That one also includes disabling user namespaces. Could be problematic if they're in use.
	▲	LawnGnome 4 hours ago \| parent \| prev [-]
		I don't know, but the problem with blocking esp4 and esp6 is that IPsec stops working, as I understand it.