> no patches [...] exist Please say whether or not the following patchset is sufficient to fix the dirty flag vulnerability:
* https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=f4c50a4034e62ab75f1d5cdd191dd5f9c77fdff4 * https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=cac2661c53f3 * https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=03e2a30f6a27 * https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7da0dde68486 * https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=6d8192bd69bb * https://lore.kernel.org/all/afKV2zGR6rrelPC7@v4bel/ Additionally, at https://bugs.launchpad.net/ubuntu/+source/kmod/+bug/2151831 , I additionally suggested disabling modules xfrm_interface and xfrm_user worried about the commit message of the first kernel patch. This is a combination of Hyunwoo Kim and SiCk's strategies. Is this mix necessary for the mitigation?
