this post was submitted on 30 Apr 2026
162 points (98.8% liked)
Linux
13577 readers
614 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It seems that most LTS distros didn't get a heads up and there are no patches available. Uh oh.
Automated test suites became so good, many regular people can just use rolling release distros these days.
That may be true for personal computers, but the impact of this vulnerability is mainly on servers. And those typically run distros like Debian, Ubuntu, RHEL that didn't have a patch at that time.
The impact is any Linux install without root access for its users.
Sure, but it’s much easier to get some form of RCE on public hosts in order to make practical use of the LPE.
What I read said the patch was merged into main on April 1st, so they should have.
This thread gives a good rundown of what happened: https://infosec.exchange/@wdormann/116489443704631952
It looks like the fixes were merged in 6.18, 6.19, and 7.0. But all older (but supported) LTS kernels didn't have the fix, like 6.12, which is used in Debian 13. And it also seems that Ubuntu, RHEL, and SUSE had not picked up the patches in their kernel versions.
The kernel 6.12.73-1 used by Debian Trixie is still vulnerable. Applying security updates should update the kernel to 6.12.85-1 and fix the issue.
https://security-tracker.debian.org/tracker/CVE-2026-31431
Edit: Kernel 6.1.170-1 just got released and fixes the vulnerability.