So CopyFail CVE-2026-31431 is a thing.

@wdormann
With "good", I was referring to RHEL's proposal that requires a reboot to become effective.

@wdormann The mitigation to block the modules on boot is good. There is one drawback tough - it requires a reboot. Something that may not be immediately feasible in every environment. On RHEL, this is, however, needed, as algif_aead is part of the kernel.