that kernel release (which most distros have still not shipped yet) fixes only one of the two vulnerabilities (CVE-2026-43284); afaik even upstream still doesn’t have a patch for the second one (CVE-2026-43500) at this time.
(for people relying on Linux privilege separation, here are mitigation instructions.)
that kernel release (which most distros have still not shipped yet) fixes only one of the two vulnerabilities (CVE-2026-43284); afaik even upstream still doesn’t have a patch for the second one (CVE-2026-43500) at this time.
(for people relying on Linux privilege separation, here are mitigation instructions.)