A vulnerability (CVE-2026-31431, CVSS 7.8 High) in the Linux kernel's `algif_aead` crypto interface requires a security update for Red Hat Enterprise Linux 8 systems running kernel version 4.18.0-553. The flaw affects upstream Linux kernel versions 4.14 through 5.10.254, 5.11 through 5.15.204, 5.16 through 6.1.170, 6.2 through 6.6.137, and 6.7 through 6.12.85. Red Hat has released live patch modules (e.g., kpatch-patch-4_18_0-553_109_1) to remediate the issue without a full reboot, though a reboot is required for the update to take full effect.
Red Hat Product Errata RHSA-2026:15976 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:15976 - Security Advisory Overview Updated Packages Synopsis Important: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for multiple packages is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-4.18.0-553.40.1.el8_10. Security Fix(es): kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Fixes BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place CVEs CVE-2026-31431 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM kpatch-patch-4_18_0-553_109_1-1-1.el8_10.src.rpm SHA-256: 28d90af228c482b362ae9d53456321dfcac2ec22659ce774d41192e81c1b04f3 kpatch-patch-4_18_0-553_40_1-1-10.el8_10.src.rpm SHA-256: 0e807747d56199303087602164f03b77f74b50a83360e926432a2575ce95d169 kpatch-patch-4_18_0-553_53_1-1-8.el8_10.src.rpm SHA-256: 06ddb14673abaf39c9b7cb9eb891595b3ed52e453c1fa046416e746a52f8b923 kpatch-patch-4_18_0-553_72_1-1-5.el8_10.src.rpm SHA-256: 510ac3a9387d90f28393491aff8deb08fcf81c2daba155a09fb8ab3fef3ccbef kpatch-patch-4_18_0-553_85_1-1-3.el8_10.src.rpm SHA-256: caca7dfb16b63b077958a332a85e302e44e67e73230d789a992ff37948cbf5ee x86_64 kpatch-patch-4_18_0-553_109_1-1-1.el8_10.x86_64.rpm SHA-256: 73c6ec714c1a53d313b358d5f8a5e2c6ea4674dc8c91216f636a16a8dc0fd227 kpatch-patch-4_18_0-553_109_1-debuginfo-1-1.el8_10.x86_64.rpm SHA-256: 854930df1568eeb4a60a3af141c98badd8b8dba5b5acb64314d6ee18e44f919d kpatch-patch-4_18_0-553_109_1-debugsource-1-1.el8_10.x86_64.rpm SHA-256: 6ab3a76d08f76164b4ceffa1bd0a0e98ab0c2514209a93f1271b620579d1df3a kpatch-patch-4_18_0-553_40_1-1-10.el8_10.x86_64.rpm SHA-256: ab237e99e48ef61dc8171514fa4e3679b04c971d9e45c086ab957c62e33e6efc kpatch-patch-4_18_0-553_40_1-debuginfo-1-10.el8_10.x86_64.rpm SHA-256: f3c864f78348579032ff6d51ed5031720cbfacde914dc7207ef16769c1199d5d kpatch-patch-4_18_0-553_40_1-debugsource-1-10.el8_10.x86_64.rpm SHA-256: 13ef70d7b4ecd5141018f926f2b7fd26a5fb82b20e31a77aaeae36abd292aec1 kpatch-patch-4_18_0-553_53_1-1-8.el8_10.x86_64.rpm SHA-256: 450da602e0213f1cc73a25eac064329d33a91d76788c1cb6a67f30cfb8029e7f kpatch-patch-4_18_0-553_53_1-debuginfo-1-8.el8_10.x86_64.rpm SHA-256: 77ccf110c67dcaac655f5faefe876bd201c1822c930b39d8ff2c72be2dfcc84f kpatch-patch-4_18_0-553_53_1-debugsource-1-8.el8_10.x86_64.rpm SHA-256: aea8b79552f54da0d73c1337b428d1e19d59a8fd9476237ea2bd17ee35f4482e kpatch-patch-4_18_0-553_72_1-1-5.el8_10.x86_64.rpm SHA-256: 1274e661c34662728c6b996beb9ed0c7ef79ac0546672530b5fb5912affff408 kpatch-patch-4_18_0-553_72_1-debuginfo-1-5.el8_10.x86_64.rpm SHA-256: 5f9576213d0f074623c7b074e5362f6f44c14f8001afa027ebb9e6a199f6ef47 kpatch-patch-4_18_0-553_72_1-debugsource-1-5.el8_10.x86_64.rpm SHA-256: 44eb820d48d0c07d0c2562e4894d05ccd70de9aec3c3590b91cd5d465299a801 kpatch-patch-4_18_0-553_85_1-1-3.el8_10.x86_64.rpm SHA-256: 141501d31ec1d0c13b116fa44583e686d671f6842d551d0b3edcaefd2b8a4cf5 kpatch-patch-4_18_0-553_85_1-debuginfo-1-3.el8_10.x86_64.rpm SHA-256: 290f09bd93ebc04e56aca1db884db888c25c82e7dc8c5ab404e27572226a6288 kpatch-patch-4_18_0-553_85_1-debugsource-1-3.el8_10.x86_64.rpm SHA-256: 40eaaa5145040ae18fe484fe3dc11cf8ae4aa9e89afcdcc80111f99c692e2f6a Red Hat Enterprise Linux for Power, little endian 8 SRPM kpatch-patch-4_18_0-553_109_1-1-1.el8_10.src.rpm SHA-256: 28d90af228c482b362ae9d53456321dfcac2ec22659ce774d41192e81c1b04f3 kpatch-patch-4_18_0-553_40_1-1-10.el8_10.src.rpm SHA-256: 0e807747d56199303087602164f03b77f74b50a83360e926432a2575ce95d169 kpatch-patch-4_18_0-553_53_1-1-8.el8_10.src.rpm SHA-256: 06ddb14673abaf39c9b7cb9eb891595b3ed52e453c1fa046416e746a52f8b923 kpatch-patch-4_18_0-553_72_1-1-5.el8_10.src.rpm SHA-256: 510ac3a9387d90f28393491aff8deb08fcf81c2daba155a09fb8ab3fef3ccbef kpatch-patch-4_18_0-553_85_1-1-3.el8_10.src.rpm SHA-256: caca7dfb16b63b077958a332a85e302e44e67e73230d789a992ff37948cbf5ee ppc64le kpatch-patch-4_18_0-553_109_1-1-1.el8_10.ppc64le.rpm SHA-256: 680a2834c5030b9574f181a64ddfbbf812f82539835b4728c4db4f3d4627e68a kpatch-patch-4_18_0-553_109_1-debuginfo-1-1.el8_10.ppc64le.rpm SHA-256: 226ee4763b8909e47d72e0119afbea305cdda15682d67837037ea184682ecc1d kpatch-patch-4_18_0-553_109_1-debugsource-1-1.el8_10.ppc64le.rpm SHA-256: 508183f9639dd08d3095aaecd026b3c34dc5a05ad4292515c1cdaa794f71f0c6 kpatch-patch-4_18_0-553_40_1-1-10.el8_10.ppc64le.rpm SHA-256: da60f9170042eabf86eb960b4047109129e537f00ceb9646a425068a8b32b44b kpatch-patch-4_18_0-553_40_1-debuginfo-1-10.el8_10.ppc64le.rpm SHA-256: ef7c1d2323c61563e2922cd02522aa4b441a7891db53804d6cce6a1d92599749 kpatch-patch-4_18_0-553_40_1-debugsource-1-10.el8_10.ppc64le.rpm SHA-256: 629d06a18bee7f6ddd047aa48adc3b468235fba81aed5e3971ae8b38b8440392 kpatch-patch-4_18_0-553_53_1-1-8.el8_10.ppc64le.rpm SHA-256: a557e6fb48fc2d5f5acdb39a609f6e6f8ebf7dd56f48ac45677c42e59b6b7b9e kpatch-patch-4_18_0-553_53_1-debuginfo-1-8.el8_10.ppc64le.rpm SHA-256: e2620245c024bcb50a7e034d3fe8166b53bed73fc0999ce2cf7b9662776904f3 kpatch-patch-4_18_0-553_53_1-debugsource-1-8.el8_10.ppc64le.rpm SHA-256: 64bc51a7d92305599e86122fe8d9e606908f1b3e1755e5470dd1535c34d461f6 kpatch-patch-4_18_0-553_72_1-1-5.el8_10.ppc64le.rpm SHA-256: 9417cd402a9d0c00cef56b198a1759f178b2dd5a815b849c5a400c6f9e26d1d0 kpatch-patch-4_18_0-553_72_1-debuginfo-1-5.el8_10.ppc64le.rpm SHA-256: f718975b91d0a2a0062cb9ffedb7e2494229ebad8630fc79dcc9d127e0be420e kpatch-patch-4_18_0-553_72_1-debugsource-1-5.el8_10.ppc64le.rpm SHA-256: 962925ac9c75e2aeb4e39b6a6176e66724de73fb5311147d9fcfccfd36d533c9 kpatch-patch-4_18_0-553_85_1-1-3.el8_10.ppc64le.rpm SHA-256: f7c791498c3efc8852c6e8f89b2f1c916ae3bd8d8e387ffd0dfa3b00e4c7c9b3 kpatch-patch-4_18_0-553_85_1-debuginfo-1-3.el8_10.ppc64le.rpm SHA-256: 16eb9ad88c1674ff447df45ef7ef90716d1fbc46c86fd058b2f8a4facac66834 kpatch-patch-4_18_0-553_85_1-debugsource-1-3.el8_10.ppc64le.rpm SHA-256: 184fe923863cee6c06167d33bc68d0c700decdc6931bb4b76dc0c34f11867592 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 SRPM kpatch-patch-4_18_0-553_109_1-1-1.el8_10.src.rpm SHA-256: 28d90af228c482b362ae9d53456321dfcac2ec22659ce774d41192e81c1b04f3 kpatch-patch-4_18_0-553_40_1-1-10.el8_10.src.rpm SHA-256: 0e807747d56199303087602164f03b77f74b50a83360e926432a2575ce95d169 kpatch-patch-4_18_0-553_53_1-1-8.el8_10.src.rpm SHA-256: 06ddb14673abaf39c9b7cb9eb891595b3ed52e453c1fa046416e746a52f8b923 kpatch-patch-4_18_0-553_72_1-1-5.el8_10.src.rpm SHA-256: 510ac3a9387d90f28393491aff8deb08fcf81c2daba155a09fb8ab3fef3ccbef kpatch-patch-4_18_0-553_85_1-1-3.el8_10.src.rpm SHA-256: caca7dfb16b63b077958a332a85e302e44e67e73230d789a992ff37948cbf5ee x86_64 kpatch-patch-4_18_0-553_109_1-1-1.el8_10.x86_64.rpm SHA-256: 73c6ec714c1a53d313b358d5f8a5e2c6ea4674dc8c91216f636a16a8dc0fd227 kpatch-patch-4_18_0-553_109_1-debuginfo-1-1.el8_10.x86_64.rpm SHA-256: 854930df1568eeb4a60a3af141c98badd8b8dba5b5acb64314d6ee18e44f919d kpatch-patch-4_18_0-553_109_1-debugsource-1-1.el8_10.x86_64.rpm SHA-256: 6ab3a76d08f76164b4ceffa1bd0a0e98ab0c2514209a93f1271b620579d1df3a kpatch-patch-4_18_0-553_40_1-1-10.el8_10.x86_64.rpm SHA-256: ab237e99e48ef61dc8171514fa4e3679b04c971d9e45c086ab957c62e33e6efc kpatch-patch-4_18_0-553_40_1-debuginfo-1-10.el8_10.x86_64.rpm SHA-256: f3c864f78348579032ff6d51ed5031720cbfacde914dc7207ef16769c1199d5d kpatch-patch-4_18_0-553_40_1-debugsource-1-10.el8_10.x86_64.rpm SHA-256: 13ef70d7b4ecd5141018f926f2b7fd26a5fb82b20e31a77aaeae36abd292aec1 kpatch-patch-4_18_0-553_53_1-1-8.el8_10.x86_64.rpm SHA-256: 450da602e0213f1cc73a25eac064329d33a91d76788c1cb6a67f30cfb8029e7f kpatch-patch-4_18_0-553_53_1-debuginfo-1-8.el8_10.x86_64.rpm SHA-256: 77ccf110c67dcaac655f5faefe876bd201c1822c930b39d8ff2c72be2dfcc84f kpatch-patch-4_18_0-553_53_1-debugsource-1-8.el8_10.x86_64.rpm SHA-256: aea8b79552f54da0d73c1337b428d1e19d59a8fd9476237ea2bd17ee35f4482e kpatch-patch-4_18_0-553_72_1-1-5.el8_10.x86_64.rpm SHA-256: 1274e661c34662728c6b996beb9ed0c7ef79ac0546672530b5fb5912affff408 kpatch-patch-4_18_0-553_72_1-debuginfo-1-5.el8_10.x86_64.rpm SHA-256: 5f9576213d0f074623c7b074e5362f6f44c14f8001afa027ebb9e6a199f6ef47 kpatch-patch-4_18_0-553_72_1-debugsource-1-5.el8_10.x86_64.rpm SHA-256: 44eb820d48d0c07d0c2562e4894d05ccd70de9aec3c3590b91cd5d465299a801 kpatch-patch-4_18_0-553_85_1-1-3.el8_10.x86_64.rpm SHA-256: 141501d31ec1d0c13b116fa44583e686d671f6842d551d0b3edcaefd2b8a4cf5 kpatch-patch-4_18_0-553_85_1-debuginfo-1-3.el8_10.x86_64.rpm SHA-256: 290f09bd93ebc04e56aca1db884db888c25c8