Spyke
Skyline969
piefed.ca

Ubuntu is one of the most used distros in both desktop and server environments. Take down the update servers, can’t patch CopyFail. Can’t patch CopyFail, more time to access affected systems.

That’s my paranoid take anyway.

23
kamstrup
programming.dev

Normally patches roll out before the vulnerability is disclosed. But I honestly don't know the status on CopyFail.

11
Jesus_666
lemmy.world

Most distros delivered patched kernels well before the vulnerability was publicly disclosed. Not sure if Ubuntu did but they had ample time to do so.

7
Jesus_666
lemmy.world

Interesting. So only the fast distros were done patching by the time of disclosure. The ones you wouldn't run a server on. Because only the kernel devs were better informed. That's... pretty amateurish from the guys who discovered CopyFail.

3

Even then, some of the upstream LTS kernels didn't get the patch until the 30th.

5

@Jesus_666 @kamstrup It's my understanding that this actually hasn't been patched in most distributions. The Ubuntu statement says they released mitigations and disabled the kernel module affected but that patches will be released. According to a post on LinkedIn made yesterday and a video attached to it demonstrating the exploit on a current Kali release, it hasn't been fixed.

3

Yeah, I turned out to be slightly misinformed. The kernel sources had a fix for a while now and fast moving distros like Arch immediately picked them up. But nobody except the kernel devs was told about the vuln and so nobody expedited deployment of a fixed kernel. Ouch.

2
Miaou

The Debian Bookworm fix was only rolled out last night. Bookworm was not directly affected though, so maybe that's why it took a bit more time.

2
poinck
lemmy.world

I could update Ubuntu servers despite the DDoS.

3
feddit.org

Does Ubuntu, like Debian, make you choose a repository mirror during the installation?

1


Canonical Says Ubuntu Infrastructure Is Facing Cross-Border DDoS Attack | Spyke