CopyFail

https://copy.fail/
https://en.wikipedia.org/wiki/Copy_Fail

CVE-2026-31431 - If your kernel was built between 2017 and the patch — which covers essentially every mainstream Linux distribution — you're in scope.

Copy Fail requires only an unprivileged local user account — no network access, no kernel debugging features, no pre-installed primitives. The kernel crypto API (AF_ALG) ships enabled in essentially every mainstream distro's default config, so the entire 2017 → patch window is in play out of the box.

Disable algif_aead module

   1 sudo bash
   2 echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
   3 rmmod algif_aead

-  ⇤ ← Revision 2 as of 2026-05-03 21:32:09 → 
  Size: 671
  Editor: vitor
  Comment:
+   ← Revision 5 as of 2026-05-03 21:40:36 → ⇥
  Size: 737
  Editor: vitor
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 5:
+ * https://en.wikipedia.org/wiki/Copy_Fail
-Line 6:
+Line 7:
-If your kernel was built between 2017 and the patch — which covers essentially every mainstream Linux distribution — you're in scope.
+CVE-2026-31431 - If your kernel was built between 2017 and the patch — which covers essentially every mainstream Linux distribution — you're in scope.
-Line 11:
+Line 12:
-{{{#!/bin/sh
+{{{#!highlight sh