Call for testing - patched kernels for Copy Fail (CVE-2026-31431)

Hello AlmaLinux Users,

A few days ago Xint Code disclosed Copy Fail (CVE-2026-31431), a Linux kernel logic flaw in the crypto subsystem (algif_aead chained through AF_ALG and splice()). It lets any unprivileged local user escalate to root with a 732-byte exploit that the researchers report is 100% reliable across every mainstream Linux distribution built since 2017.

Every supported AlmaLinux release is affected. Red Hat has not yet shipped a kernel update, so our core team has built patched kernels for AlmaLinux 8, 9, 10, and Kitten 10 using the upstream fix. ALESCo approved shipping ahead of upstream - the patched kernels are in the testing repository today, and they’ll move to production once the community has helped us verify them.

If you can spare a test box - especially anything multi-tenant, a container host, or a CI runner where untrusted users get a shell - we’d love your help testing. Full instructions, kernel versions, and feedback channels are on the blog:

3 Likes

As a follow-up to the call for testing earlier, the patches are now published to production repositories and are syncing out to mirrors.

The blog post has been updated accordingly. Thanks everyone for the help with testing!

3 Likes