Have any distributors/vendors released versions that fix CopyFail? If so, can someone help me compile with distributors and versions?
Post
Replies:
7
@dangoodin Debian Testing (sid) seems to be fixed.
@dangoodin ProxMox already has a patch: https://forum.proxmox.com/threads/proxmox-virtual-environment-security-advisories.149331/page-3#post-850782
RedHat https://access.redhat.com/security/cve/cve-2026-31431
Debian https://security-tracker.debian.org/tracker/CVE-2026-31431
Ubuntu https://ubuntu.com/security/CVE-2026-31431
Suse: https://www.suse.com/security/cve/CVE-2026-31431.html
Arch: https://security.archlinux.org/CVE-2026-31431
Fedora fixed: https://bugzilla.redhat.com/show_bug.cgi?id=2460538
@dangoodin Tenebale has a listing of states of patching in this article: https://www.tenable.com/blog/copy-fail-cve-2026-31431-frequently-asked-questions-about-linux-kernel-privilege-escalation
Thanks a million! So when Tenable says SUSE et al. are "patching" and Debian et al. are "not patched," what's the difference? Are there downloads for the former or just mitigation guidance?
@dangoodin Patching, at least to me, is they are working on the official patches for their supported versions right now. the Not Patched is no official patches yet. Pretty sure you could still toss in a generic patched kernel at your own risk.
