You must log in or # to comment.
Tested on Ubuntu 24.04. Security patching from Ubuntu does fix it. Scary vulnerability
It looks like the fix is just disabling the algif_aead kernel module. That prevented the proof of concept script from working on everything I tested it on. Hopefully they will get some kernel updates out soon.
They have shipped out an update mitigation for the issue. http://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
sudo apt update && sudo apt upgradeand after that, also do the steps listed on that page for running
rmmodand grepping for the affected module unloaded
Do the sysctl fix and you’re fine to wait for a patch.
