Canonical Says Ubuntu Infrastructure Is Facing Cross-Border DDoS Attack
linuxiac.com · posted by cm0002@lemy.lol to Linux@programming.dev · 2 days ago · 15 comments

kamstrup@programming.dev · 2 days ago
Normally patches roll out before the vulnerability is disclosed. But I honestly don’t know the status on CopyFail.

Jesus_666@lemmy.world · 2 days ago
Most distros delivered patched kernels well before the vulnerability was publicly disclosed. Not sure if Ubuntu did but they had ample time to do so.

lengau@midwest.social · 1 day ago
Not true. None of the major distros were alerted and Ubuntu, Debian, RHEL, etc. were all struggling at the last minute. See: https://infosec.exchange/@wdormann/116489443704631952
However, none of those DDoSes took out the archive servers, so Ubuntu users could still get new kernels.

Jesus_666@lemmy.world · 1 day ago
Interesting. So only the fast distros were done patching by the time of disclosure. The ones you wouldn’t run a server on. Because only the kernel devs were better informed. That’s… pretty amateurish from the guys who discovered CopyFail.

lengau@midwest.social · 1 day ago
Even then, some of the upstream LTS kernels didn’t get the patch until the 30th.

Successful_Try543@feddit.org · 2 days ago
Ubuntu 26.04 has already been patched, but not the older (LTS) releases.
https://ubuntu.com/security/CVE-2026-31431

lengau@midwest.social · 1 day ago
The people who found the vulnerability didn’t do proper coordinated disclosure. See: https://infosec.exchange/@wdormann/116489443704631952

Miaou@jlai.lu · 1 day ago
The Debian Bookworm fix was only rolled out last night. Bookworm was not directly affected though, so maybe that’s why it took a bit more time.