As a temporary mitigation, the Copy Fail website suggests disabling the algif_aead module:

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true

We tested that and it prevented the PoC exploit. This mitigation may come with some caveats in very specific configurations (see link), but in our case everything appears to work normally.