Skip to main content
Image

r/AlmaLinux


DirtyClone (CVE-2026-43503) on AlmaLinux?
DirtyClone (CVE-2026-43503) on AlmaLinux?

I read about the vulnerability last Friday, but there's very little information available and I can't find any conclusive evidence regarding whether it's been previously patched or not. The kernel changelog doesn't state anything about CVE-2026-43503.

Additionally, there's no AlmaLinux blog post like there usually is for other major vulnerabilities, so I'm a bit on the fence about this one.

Does anyone have more information?

Thanks!

Some references:
https://www.reddit.com/r/linux/comments/1uinqoc/dirtyclone_cve202643503_the_linux_kernel_flaw/
https://sansec.io/guides/dirty-clone
https://thehackernews.com/2026/06/new-dirtyclone-linux-kernel-flaw-lets.html


Advertisement: #1 Online MBA in Ohio
#1 Online MBA in Ohio

Earn an accredited MBA in 1 year from Ohio's largest provider of online MBAs.

Image #1 Online MBA in Ohio



Network Manager doesn't like my /30 network
Network Manager doesn't like my /30 network

This is probably not a specific AlmaLinux problem, but some weirdness with Network Manager maybe?

I have a fresh install of AlmaLinux 10.1 on a PC with two NICs. First NIC is on my corporate network, works fine. Second NIC is a 'heartbeat' NIC directly wired to another AlmaLinux 10.1 PC. These two servers use clustering and have this second NIC to determine who is online and prevent split-brain.

Anyways, we have been doing this type of setup with AlmaLinux 8 previously, this is the first time we're using AlmaLinux 10. In version 8, we didn't have/use NetworkManager, we just edited interface configuration files. We have always used 10.0.0.1/30 and 10.0.0.2/30 as the IPs on the 'heartbeat' NICs. The .1 IP is 'node A', and the .2 IP is 'node B'. Works wonderfully on AlmaLinux 8.

However, on AlmaLinux 10, we are using 'nmcli' to set this up. I assign the 'IPv4.Address' to the IPs above, and I also disable IPV6 entirely. Node B uses 10.0.0.2/30 with no issue. Node A reports an IP duplicate when I try to bring online 10.0.0.1/30, and brings the interface 'down'. The MAC address with the duplicate IP is one digit above the MAC address of the local interface (which is odd and makes me think it's some internal Network Manager thing).

I dug in a bit and found I can disable the duplicate IP sensing thing by setting the IPV4.dad-timout to value 0 (zero). This allows me to bring the interface online, but then it just doesn't work (can't exchange packets with 10.0.0.2 on that NIC.

I change the configuration to use 10.0.0.11/24 for node A, and 10.0.0.12/24 for node B, and that works just fine.

I'll hit this today and do more testing, but this is weird!

Anybody have a clue what is going on here?