The issue should be mitigated for now thanks to USN-8226-1 and USN-8226-2. While the website may be down, the security email list continues to work apparently.
The description of this USN reads:
kmod has been updated to block loading of the algif_aead kernel module.
It suggest the following updates:
Ubuntu 25.10 kmod 34.2-2ubuntu1.1
Ubuntu 24.04 LTS kmod
31+20240202-2ubuntu7.2Ubuntu 22.04 LTS kmod 29-1ubuntu1.1
Ubuntu 20.04 LTS kmod 27-1ubuntu2.1+esm1 Available with Ubuntu Pro
Ubuntu 18.04 LTS kmod 24-1ubuntu3.5+esm1 Available with Ubuntu Pro
Ubuntu 16.04 LTS kmod 22-1ubuntu5.2+esm1 Available with Ubuntu Pro
Ubuntu 14.04 LTS kmod 15-0ubuntu7+esm1 Available with Ubuntu Pro
I've not been able to verify what happens without a reboot or before installing that update yet, but after installation the exploit no longer works on my test server:
~$ python3 copy_fail_exp.py
Traceback (most recent call last):
File "/tmp/copy_fail_exp.py", line 9, in <module>
while i<len(e):c(f,i,e[i:i+4]);i+=4
^^^^^^^^^^^^^^^
File "/tmp/copy_fail_exp.py", line 5, in c
a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=2
79;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'*64));v(h,5,None,4);u,_=a.accep
t();o=t+4;i=d('00');u.sendmsg([b"A"*4+c],[(h,3,i*4),(h,2,b'\x10'+i*19),(h,4,b'\
x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno()
,o)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
FileNotFoundError: [Errno 2] No such file or directory
They link the following blog and notices (may be not reachable now, but for future reference):
- https://ubuntu.com/blog/copy-fail-vulnerability-fixes-available
- https://ubuntu.com/security/notices/USN-8226-1
- https://ubuntu.com/security/notices/USN-8226-2
Kernel patches will probably become available in the near future as well, but due to the current state of the websites it is rather hard to get up-to-date information and I've yet to receive an email about it.