Red Hat Product Errata

RHSA-2026:15978 - Security Advisory

Issued: 2026-05-11
Updated: 2026-05-11

Synopsis

Important: kpatch-patch-5_14_0-611_36_1 and kpatch-patch-5_14_0-611_9_1 security update

Type/Severity

Security Advisory: Important

Topic

An update for multiple packages is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-611.9.1.el9_7.

Security Fix(es):

kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for Power, little endian 9 ppc64le

Fixes

BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place

CVEs

CVE-2026-31431

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.
Red Hat Enterprise Linux for x86_64 9

SRPM
kpatch-patch-5_14_0-611_36_1-1-1.el9_7.src.rpm
kpatch-patch-5_14_0-611_9_1-1-4.el9_7.src.rpm

x86_64
kpatch-patch-5_14_0-611_36_1-1-1.el9_7.x86_64.rpm
kpatch-patch-5_14_0-611_36_1-debuginfo-1-1.el9_7.x86_64.rpm
kpatch-patch-5_14_0-611_36_1-debugsource-1-1.el9_7.x86_64.rpm
kpatch-patch-5_14_0-611_9_1-1-4.el9_7.x86_64.rpm
kpatch-patch-5_14_0-611_9_1-debuginfo-1-4.el9_7.x86_64.rpm
kpatch-patch-5_14_0-611_9_1-debugsource-1-4.el9_7.x86_64.rpm

Red Hat Enterprise Linux for Power, little endian 9

SRPM
kpatch-patch-5_14_0-611_36_1-1-1.el9_7.src.rpm
kpatch-patch-5_14_0-611_9_1-1-4.el9_7.src.rpm

ppc64le
kpatch-patch-5_14_0-611_36_1-1-1.el9_7.ppc64le.rpm
kpatch-patch-5_14_0-611_36_1-debuginfo-1-1.el9_7.ppc64le.rpm
kpatch-patch-5_14_0-611_36_1-debugsource-1-1.el9_7.ppc64le.rpm
kpatch-patch-5_14_0-611_9_1-1-4.el9_7.ppc64le.rpm
kpatch-patch-5_14_0-611_9_1-debuginfo-1-4.el9_7.ppc64le.rpm
kpatch-patch-5_14_0-611_9_1-debugsource-1-4.el9_7.ppc64le.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
CVE-2026-31431 (CVSS 7.8, HIGH) is a vulnerability in the Linux kernel's `algif_aead` crypto interface that is potentially exploitable because of how the interface operates in place. The flaw affects Linux kernel versions 4.14 through 5.10.253, 5.11 through 5.15.203, 5.16 through 6.1.169, 6.2 through 6.6.136, and 6.7 through 6.12.84. Red Hat has released live patch modules (`kpatch-patch-5_14_0-611_36_1` and `kpatch-patch-5_14_0-611_9_1`) for RHEL 9 to address it; a system reboot is required for the update to take effect.
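A fleet-side check for this advisory, added here as an example and not taken from Red Hat: it maps a running kernel string to its kpatch-patch package and compares the installed build against the builds listed above. The function names and status strings are hypothetical, and the kernel-to-package naming rule is an assumption generalised from the one pairing the advisory states.

```shell
# Added example (not Red Hat code): does a host have the RHSA-2026:15978 build?

# Fixed kpatch-patch builds from the advisory's package list, as
# "version-release" without the dist tag. Non-zero return = kernel not covered.
fixed_build() {
  case "$1" in
    kpatch-patch-5_14_0-611_9_1)  echo "1-4" ;;
    kpatch-patch-5_14_0-611_36_1) echo "1-1" ;;
    *) return 1 ;;
  esac
}

# Map `uname -r` output to a kpatch-patch package name.
# Assumption: the pairing on the page (kernel-5.14.0-611.9.1.el9_7 ->
# kpatch-patch-5_14_0-611_9_1) is the general rule: drop the dist tag, dots -> "_".
kpatch_pkg_for_kernel() {
  printf 'kpatch-patch-%s\n' "$(printf '%s' "${1%%.el*}" | tr . _)"
}

# $1 = `uname -r` output; stdin = "name version-release" lines, e.g. from
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'kpatch-patch-*'
# Prints: not-covered | missing | outdated | fixed-build-installed
rhsa_status() (
  pkg=$(kpatch_pkg_for_kernel "$1")
  need=$(fixed_build "$pkg") || { echo "not-covered"; return 0; }
  have=""
  while read -r name vr; do
    if [ "$name" = "$pkg" ]; then have="${vr%%.el*}"; fi
  done
  if [ -z "$have" ]; then echo "missing"; return 0; fi
  # Version sort (GNU sort -V): the smaller of the two must be the required build.
  lowest=$(printf '%s\n%s\n' "$need" "$have" | sort -V | head -n 1)
  if [ "$lowest" = "$need" ]; then
    echo "fixed-build-installed"
  else
    echo "outdated"
  fi
)

# Constructed sample input: a host still on an earlier build of the 611.9.1 patch.
printf 'kpatch-patch-5_14_0-611_9_1 1-3.el9_7\n' |
  rhsa_status "5.14.0-611.9.1.el9_7.x86_64"
```

An installed package does not prove the module is loaded into the running kernel; confirm that separately with `kpatch list` on the host.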