The latest stable Linux kernel LTS releases, versions 6.6.138, 6.12.87, and 6.18.28, address a critical memory handling flaw that could compromise encrypted UDP traffic during IPsec operations. This vulnerability arose from the incorrect assumption that the network stack fully owned the data when splicing shared pipe pages into sockets, leading to potential data corruption. The patch implements a proper copy-on-write routine to prevent memory overwrites while maintaining standard performance, and users are urged to update their systems immediately. Administrators can apply these updates through their distribution package managers without requiring configuration changes, ensuring improved network integrity for systems relying on stable VPN connections

Linux Kernel 6.6.138, 6.12.87, and 6.18.28 released

The latest stable Linux kernel LTS releases patch a critical memory handling flaw that could corrupt encrypted UDP traffic during IPsec operations. When the network stack spliced shared pipe pages into sockets, it incorrectly assumed full ownership of the data and decrypted packets in place instead of making safe private copies. This update forces the system to trigger a proper copy-on-write routine whenever shared fragments are detected, preventing silent memory overwrites without impacting standard performance. Administrators and power users should apply these kernel updates immediately through their distribution package managers to maintain reliable network connectivity and prevent unexpected packet drops.

Linux Kernel 6.6.138, 6.12.87, and 6.18.28 released @ Linux Compatible