| From: CAREY SCHUG via talk <talk@gtalug.org> | Maybe i missed it, but can somebody post the "for dummies" command to | tell if one has the fix installed? | | I realize a different command for each package manager, at least: Deb, pacman, rpm, gentoo, others? DON'T PANIC. For a Bad Guy to exploit this bug, they need to be able to run code of their choosing on your machine. I bet you don't let anyone dangerous log in to your machine. And I bet you don't run random shell scripts from the internet. The bug is pretty old so you are unlikely to have a kernel that predates the bug's introduction. So you need to have a kernel new enough to have the fix. Each distro probably released its own announcement some time after late January 2024. The bug's name is CVE-2024-1086. Googling that and your disto's name should get you to any announcement. Because distros don't want to let the cat out of the bag prematurely, they may be coy in the description of the update. The Good Guys want to release fixes before alerting Bad Guys of a vulnerability.