The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.
I have Debian 11 VPS. Debian 11 runs kernel 5.10. So it is affected.
Upgraded linux-image packages have hit bullseye-security (in my case, linux-image-5.10.0-11-amd64, version 5.10.92-2, with a date-stamp of 2022-02-28).
However, if I have no untrusted users on my VPS, do I really need to update the kernel?
Will updating the kernel cause problems for my Hestia CP?
Will I need to restart the VPS for the kernel update to take effect?
Is there such a thing as a trusted user ?!?!
Whenever I see a kernel update, I schedule the restart so that the new kernel takes over. Though there are services like KernelCare that do live kernel updating, if you really need ultra high availability.