Revision 13114bb5-a530-4237-bd88-3f260d1ddaf4

The issue should be mitigated for now thanks to USN-8226-1 and USN-8226-2. It more or less applies the same mitigations suggested by the researchers, but right in `kmod` and through an update. While the website may be down, the security email list continues to work apparently.

The description of this USN reads:

> kmod has been updated to block loading of the algif_aead kernel
> module.

It suggest the following updates:

> Ubuntu 25.10   kmod                            34.2-2ubuntu1.1
> 
> Ubuntu 24.04 LTS   kmod                           
> 31+20240202-2ubuntu7.2
> 
> Ubuntu 22.04 LTS   kmod                            29-1ubuntu1.1
> 
> Ubuntu 20.04 LTS   kmod                            27-1ubuntu2.1+esm1
>                                   Available with Ubuntu Pro
> 
> Ubuntu 18.04 LTS   kmod                            24-1ubuntu3.5+esm1
>                                   Available with Ubuntu Pro
> 
> Ubuntu 16.04 LTS   kmod                            22-1ubuntu5.2+esm1
>                                   Available with Ubuntu Pro
> 
> Ubuntu 14.04 LTS   kmod                            15-0ubuntu7+esm1
>                                   Available with Ubuntu Pro

This mitigation can be applied using:
```bash
~$ sudo apt update && sudo apt upgrade kmod
```

I've not been able to verify what happens without a reboot or before installing that update yet, but after installation the exploit no longer works on my test server:

    ~$ python3 copy_fail_exp.py                         
    Traceback (most recent call last):                                             
      File "/tmp/copy_fail_exp.py", line 9, in <module>                            
        while i<len(e):c(f,i,e[i:i+4]);i+=4                                        
                       ^^^^^^^^^^^^^^^                                             
      File "/tmp/copy_fail_exp.py", line 5, in c                                   
        a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=2
    79;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'*64));v(h,5,None,4);u,_=a.accep
    t();o=t+4;i=d('00');u.sendmsg([b"A"*4+c],[(h,3,i*4),(h,2,b'\x10'+i*19),(h,4,b'\
    x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno()
    ,o)                                                                            
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^    
    FileNotFoundError: [Errno 2] No such file or directory

It looks like binding to an `aead` socket was successfully prevented.

They link the following blog and notices (may be not reachable now, but for future reference):
- https://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
- https://ubuntu.com/security/notices/USN-8226-1
- https://ubuntu.com/security/notices/USN-8226-2

Kernel patches will probably become available in the near future as well, but due to the current state of the websites it is rather hard to get up-to-date information and I've yet to receive an email about it.