| ▲ | jayofdoom 7 hours ago | |
This workaround only applies to kernels with the impacted code compiled as a module. RHEL, Fedora, and Gentoo (we use a modified Fedora config) all are configured to build this in directly. Without a patch or config change (as Sam from Gentoo was alluding to), those distributions remain vulnerable. | ||
| ▲ | jcul 6 hours ago | parent | next [-] | |
There was some discussion on the GitHub issues about workarounds to disable it, even though it is baked in. https://github.com/theori-io/copy-fail-CVE-2026-31431/issues... https://github.com/theori-io/copy-fail-CVE-2026-31431/issues... | ||
| ▲ | pitrdevries 6 hours ago | parent | prev | next [-] | |
This worked as a mitigation on distros with the module compiled into the kernel: https://gist.github.com/m3nu/c19269ef4fd6fa53b03eb388f77464d... Basically: sudo grubby --update-kernel=ALL --args=initcall_blacklist=algif_aead_init sudo reboot | ||
| ▲ | akdev1l 5 hours ago | parent | prev [-] | |
F44 is safe as the kernel is greater than 6.18.22 | ||