Patches for CVE-2026-43284 are in https://www.cve.org/CVERecord?id=CVE-2026-43284. Probably makes sense to release fixes for it first, as current live mitigation blocks esp4/esp6 modules -- that would unblock xfrm/IPSec (which arguably more prominent than rxrpc).
rxrpc CVE-2026-43500 got v3 patch https://lore.kernel.org/all/af2kdW2F1gJ9U-Gg@v4bel/, but not yet reviewed / included. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2151831 Title: Dirty Frag LPE security vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kmod/+bug/2151831/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
