TL;DR, it looks like a faster PWM, closer to an LCD monitor’s PWM speed (fingers crossed without affecting color accuracy)
No changes to potential burn-in
Edit: I’m curious if this change affects the power savings of OLED over other panels?
Edit: to be clear, this advice is specific to Ubuntu. If you come across this and need advice for a different distro, message me or reply to this
Yes.
Ubuntu doesn’t follow upstream kernels, so they will have to make a custom backport for 6.17 to fix the kernel
It’s very unlikely you need the module that has the bug, so the mitigation should work for you
Just double check lsmod | grep aead
As long as that module is not loaded, and you have the kmod update that adds /etc/modprobe.d/disable-algif.conf you’re protected
The kmod change makes it so the affected module cannot be loaded, it was their initial workaround
The ones I was watching look like there’s an update as of an hour ago, but there wasn’t at the time of the post
Need to check Raspbian still, being on self hosting
They aren’t available on all releases - the people that found the issue didn’t really follow responsible disclosure, so distros didn’t have time to fix it
They will fix it over the next couple days, but if you need a fix now, those are the ways to protect yourself until security updates make it out
Giving a better solution is certainly useful.
I’d used initcall_debug before, but not initcall_blacklist
I’m working off the knowledge that OP is using a rolling release, so is likely fixed by that for them. (Arch based, Cachy, and OpenSUSE Tumbleweed all have it as a module, and are the most commonly suggested. Fedora fixed it 2 weeks ago since they follow mainline, so I’d expect Bazzite to have it too. If they’re using Debian Sid/Testing, it’s both fixed and a module)
If you’re using something else, this eBPF filter is probably your best bet https://github.com/Dabbleam/CVE-2026-31431-mitigation
Yeah… It seems like they only reached out to the kernel, and not to any distros…
They also disclosed after 37 days rather than the more standard 90 days for everyone to patch
Check uname -r
If you’re on 6.19.12 or newer (7.0.1 if they’ve already bumped to 7) you’re definitely safe
For others, it looks fixed in 6.18.22 6.12.85 6.6.137 6.1.170 5.15.204
If you don’t have a safe kernel,
A better solution referenced below than a module blacklist is to set initcall_blacklist=algif_aead_init in your kernel boot parameters. There is not a generic way to do this across distros, so you will need to look it up for your case
~~If you don’t have the updated kernel, you can
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf and reboot.
That ensures the buggy module cannot be loaded until you have an updated kernel~~
I’ve had similar with Vietnamese, Chinese, and Indian friends in college
If their family found out I didn’t have an abundance of food, they’d drag me to their home and feed me until I was about to burst
My project manager says nine women would have a baby in 2 weeks
Trump needs the war to end before elections later this year… I think it’s extremely likely the US agrees to giving Iran more power than it had before the beginning, Trump just needs one small concession so he can call it a “win” even if he’s lost
I think the question is less “should they” and more, there is one already announced and in production, so what do you think it’ll look like
Wait. So the flaw was in uutils, and this article reported it as a systemd bug…?
Debian on my personal computers and servers.
Ubuntu on my work desktop, RHEL on work’s servers
I wouldn’t consider Debian “Canonical”-y, it’s just what they happened to pick as their upstream.
I tried some of the atomic distros, but ran into too many problems. When I buy a new computer, I sometimes have to run Opensuse Tumbleweed or Arch to get new enough hardware support… Too lazy to rebuild my kernel and mesa at home
The software manager they’re using already looks like GNOME 3+
uses GrapheneOS on a Pixel 7 or LineageOS flashed onto a LG Tribute with zero Google apps, and everything backed up via nextcloud running on a headless Debian Raspberry Pie?
Hey now, it’s a Pixel 8 and Raspbian.
Two google apps in a separate profile with a different pin
Why do people keep referencing this like it was merged…
It was specifically rejected
Maybe to help, you can see where you’ve enabled “repositories” that APT can download from in /etc/apt/sources.list and /etc/apt/sources.list.d
As long as you haven’t manually installed a .dpkg package, or manually modified it, they should be something like
deb.debian.org security.debian.org
Some things like Slack may try to add their own repositories down there
When you type “sudo apt install” it is allowed to install from any configured repos down there
They’ll get loaded, even without root