Are plans in the works to address CVE-2026-31431 (CopyFail)? My dietpi reports 6.12.75+rpt-rpi-v8, but the main Debian repo is patched to 6.12.85, a kernel version that has been fixed.
Thank you.
According to your kernel version, you are running a raspberry pi. Means you would need to ask RPi developer as we don’t maintain RPI kernel ourselves.
Okay, good to know.
All our kernel builds have been updated, and Debian did so basically at day 0. For RPi users, instead of upgrading to the beta kernel with rpi-update and pulling in a bunch of legacy tools that will remain as cruft on the system (when I last tested), I highly recommend to just disable the affected kernel module. I do not see this API/driver used anywhere on my systems, but let me know if you face any issue doing this:
echo 'install algif_aead /bin/false' | sudo tee /etc/modprobe.d/disable-algif.conf
sudo modprobe -r algif_aead
Remove /etc/modprobe.d/disable-algif.conf again after the next RPi kernel upgrade has been released and applied.
Hello,
I have seen the kernel update but I don’t know if there isn’t a problem with it.
Here’s what installing the updated kernel would remove:
apt upgrade linux-image-vendor-rk35xx
Upgrading:
linux-image-vendor-rk35xx
REMOVING:
linux-dtb-vendor-rk35xx
Summary:
Upgrading: 1, Installing: 0, Removing: 1, Not Upgrading: 0
Download size: 45.7 MB
Freed space: 90.7 MB
Continue? [Y/n] n
I’d lose all the DTBs and therefore the ability to boot, no?
Edit: ah, I see that this is intended and also that these kernels aren’t affected.
correct