oss-sec mailing list archives

Re: CVE-2026-31431: CopyFail: linux local privilege scalation


From: Zube <Zube () panix com>
Date: Wed, 29 Apr 2026 21:14:34 -0400

# echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
# rmmod algif_aead 

Brad Spengler has been pointing out that this won't work on a few common
enterprise kernels where CONFIG_CRYPTO_USER_API_AEAD=y (rather than m).

An initial test of adding:

initcall_blacklist=algif_aead_init

to the kernel command line and rebooting seems to block the exploit.

Cheers.


Current thread: