selinux on enforcement mode did not mitigate the exploit when I tested today on fedora coreos :(