- cross-posted to:
- linux@lemmy.ml
- linux@lemmy.ml
- cross-posted to:
- linux@lemmy.ml
- linux@lemmy.ml
woaw
also a good blog post about it https://xint.io/blog/copy-fail-linux-distributions
woaw
also a good blog post about it https://xint.io/blog/copy-fail-linux-distributions
It looks like the fixes were merged in 6.18, 6.19, and 7.0. But all older (but supported) LTS kernels didn’t have the fix, like 6.12, which is used in Debian 13. And it also seems that Ubuntu, RHEL, and SUSE had not picked up the patches in their kernel versions.
The kernel 6.12.73-1 used by Debian Trixie is still vulnerable. Applying security updates should update the kernel to 6.12.85-1 and fix the issue.
https://security-tracker.debian.org/tracker/CVE-2026-31431
Edit: Kernel 6.1.170-1 just got released and fixes the vulnerability.