deddit.petersanchez.com

Copy Fail – CVE-2026-31431 (copy.fail)
from cyrano@piefed.social to selfhosted@lemmy.world on 01 May 04:28
https://piefed.social/c/selfhosted/p/2026153/copy-fail-cve-2026-31431

cross-posted from: https://lemmy.bestiver.se/post/1076650

Comments

#selfhosted

threaded - newest

cyrano@piefed.social on 01 May 04:45 next collapse

Tested on Ubuntu 24.04. Security patching from Ubuntu does fix it. Scary vulnerability

cmnybo@discuss.tchncs.de on 01 May 06:29 collapse

It looks like the fix is just disabling the algif_aead kernel module. That prevented the proof of concept script from working on everything I tested it on. Hopefully they will get some kernel updates out soon.

corsicanguppy@lemmy.ca on 01 May 07:35 collapse

Do the sysctl fix and you’re fine to wait for a patch.