On 2026-04-30 11:56, Ludovic Courtès wrote:
> I was looking at it just now. There are more details in their post:
> https://xint.io/blog/copy-fail-linux-distributions
> But I only found the list of Linux versions that include a fix in
> this
> post:
> https://seclists.org/oss-sec/2026/q2/281
> From what I can see 6.19.12 and 6.18.22, which we currently ship,
> include the fix.
> Other versions are likely vulnerable:
> --8<---------------cut here---------------start------------->8---
> $ guix package -A linux-libre$
> linux-libre 6.6.134 out gnu/packages/linux.scm:1014:2
> linux-libre 6.19.12 out gnu/packages/linux.scm:1014:2
> linux-libre 6.18.22 out gnu/packages/linux.scm:1014:2
> linux-libre 6.12.81 out gnu/packages/linux.scm:1014:2
> linux-libre 6.1.168 out gnu/packages/linux.scm:1014:2
> linux-libre 5.15.202 out gnu/packages/linux.scm:1014:2
> linux-libre 5.10.252 out gnu/packages/linux.scm:1014:2
Created an MR with updated checksums for kernel versions with fixes [1].
However, linux-libre haven't release updated deblob scripts yet.
1 - https://codeberg.org/guix/guix/pulls/8245
