this post was submitted on 02 May 2026
96 points (98.0% liked)
Linux
13571 readers
374 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Most distros delivered patched kernels well before the vulnerability was publicly disclosed. Not sure if Ubuntu did but they had ample time to do so.
Not true. None of the major distros were alerted and Ubuntu, Debian, RHEL, etc. were all struggling at the last minute. See: https://infosec.exchange/@wdormann/116489443704631952
However, none of those DDoS's took out the archive servers, so Ubuntu users could still get new kernels.
Interesting. So only the fast distros were done patching by time of disclosure. The ones you wouldn't run a server on. Because only the kernel devs better informed. That's... pretty amateurish from the guys who discovered CopyFail.
Even then, some of the upstream LTS kernels didn't get the patch until the 30th.
Ubuntu 26.04 has already been patched, but not the older (LTS) releases.
https://ubuntu.com/security/CVE-2026-31431
@Jesus_666 @kamstrup its my understanding that this actually hasn’t been patched in most distributions. The ubuntu statement says they released mitigations and disabled the kernel module affected but that patches will be released. according to a post on linkedin made yesterday and a video attached to it demonstrating the exploit on a current kali release it hasnt been fixed