Debian: Linux Vulnerability Mitigation (PACKET_EDIT_MEME.c)

The Linux local root exploit of today’s news is PACKET_EDIT_MEME.c [CVE-2026-46331] which is also known as pedit COW.

This vulnerability has been fixed as of linux 7.1~rc7, but also fixed in trixies 6.12.94-1 as well as testing/unstable 7.0.13-1. If you run an older or different kernel you might want to mitigate the vulnerability until you can update and reboot affected systems.

The vulnerability can be mitigated by unloading and blocking the act_pedit module, linux-vulnerability-mitigation as of 20260629-1 (uploaded to sid, trixie-fastforward-backports and people.debian.org/~daniel) does that automatically for you.