<> = CopyFail = * https://copy.fail/ * https://en.wikipedia.org/wiki/Copy_Fail CVE-2026-31431 - If your kernel was built between 2017 and the patch — which covers essentially every mainstream Linux distribution — you're in scope. Copy Fail requires only an unprivileged local user account — no network access, no kernel debugging features, no pre-installed primitives. The kernel crypto API (AF_ALG) ships enabled in essentially every mainstream distro's default config, so the entire 2017 → patch window is in play out of the box. == Disable algif_aead module == {{{#!highlight sh sudo bash echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead }}}