Hi! (Cc: kernel team.)
Gary Johnson <[email protected]> skribis: > My apologies if I've missed announcements related to this, but have we > updated our Linux kernel yet to patch against the recent Copy Fail exploit? > > https://copy.fail/ I was looking at it just now. There are more details in their post: https://xint.io/blog/copy-fail-linux-distributions But I only found the list of Linux versions that include a fix in this post: https://seclists.org/oss-sec/2026/q2/281 >From what I can see 6.19.12 and 6.18.22, which we currently ship, include the fix. Other versions are likely vulnerable: --8<---------------cut here---------------start------------->8--- $ guix package -A linux-libre$ linux-libre 6.6.134 out gnu/packages/linux.scm:1014:2 linux-libre 6.19.12 out gnu/packages/linux.scm:1014:2 linux-libre 6.18.22 out gnu/packages/linux.scm:1014:2 linux-libre 6.12.81 out gnu/packages/linux.scm:1014:2 linux-libre 6.1.168 out gnu/packages/linux.scm:1014:2 linux-libre 5.15.202 out gnu/packages/linux.scm:1014:2 linux-libre 5.10.252 out gnu/packages/linux.scm:1014:2 $ guix describe |grep -A2 guix guix ecda809 repository URL: https://git.guix.gnu.org/guix.git branch: master commit: ecda809fd454fa1574616ecfcd695678238e3aca --8<---------------cut here---------------end--------------->8--- Looks like we’re providing the offending facility as a module: --8<---------------cut here---------------start------------->8--- $ zgrep CONFIG_CRYPTO_USER_API_AEAD /proc/config.gz CONFIG_CRYPTO_USER_API_AEAD=m $ uname -sr Linux 6.18.22-gnu --8<---------------cut here---------------end--------------->8--- Thus one should be able to “rmmod algif_aead” and be done with it. Thoughts? Ludo’.
