Hello AlmaLinux Users,

A few days ago Xint Code disclosed Copy Fail (CVE-2026-31431), a Linux
kernel logic flaw in the crypto subsystem (algif_aead chained through
AF_ALG and splice()). It lets any unprivileged local user escalate to root
with a 732-byte exploit that the researchers report is 100% reliable across
every mainstream Linux distribution built since 2017.

Every supported AlmaLinux release is affected. Red Hat has not yet shipped
a kernel update, so our core team has built patched kernels for AlmaLinux
8, 9, 10, and Kitten 10 using the upstream fix. ALESCo approved shipping
ahead of upstream — the patched kernels are in the testing repository
today, and they'll move to production once the community has helped us
verify them.

If you can spare a test box — especially anything multi-tenant, a container
host, or a CI runner where untrusted users get a shell — we'd love your
help testing. Full instructions, kernel versions, and feedback channels are
on the blog:

https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/

--
Jonathan Wright
AlmaLinux OS Foundation
Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan>