A vulnerability (CVE-2026-31431, CVSS 7.8 High) in the Linux kernel's crypto `algif_aead` interface affects kernel versions 4.14 through 5.10.253, 5.11 through 5.15.203, 5.16 through 6.1.169, and 6.2 through 6.6.136. The fix requires applying the provided Red Hat kpatch live patches for the 5.14.0-570 series kernel on RHEL 9.6 EUS and rebooting the system.
Red Hat Product Errata RHSA-2026:16018 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:16018 - Security Advisory Overview Updated Packages Synopsis Important: kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for multiple packages is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-570.17.1.el9_6. Security Fix(es): kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Fixes BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place CVEs CVE-2026-31431 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM kpatch-patch-5_14_0-570_17_1-1-13.el9_6.src.rpm SHA-256: bb0614327adf1050d473aea237bee01deed4d74a45c654a972d5246f4dfafd9e kpatch-patch-5_14_0-570_39_1-1-4.el9_6.src.rpm SHA-256: 1cf8fb733535df62dc8a00662d5ed6250815db25cb6e70be881e27ae94fc84da kpatch-patch-5_14_0-570_66_1-1-3.el9_6.src.rpm SHA-256: 63f686d7c54731d0e1106356568beece06b938ccbaa59cba00b99aa80f4c1741 kpatch-patch-5_14_0-570_94_1-1-1.el9_6.src.rpm SHA-256: 62238d277959c0191d88f8442db968746651af16d7d64c775aa729e71a633442 x86_64 kpatch-patch-5_14_0-570_17_1-1-13.el9_6.x86_64.rpm SHA-256: 909ebcfb9022df066d6dadbb88db790da59cd4fadf9d577ff757c61dcd815ace kpatch-patch-5_14_0-570_17_1-debuginfo-1-13.el9_6.x86_64.rpm SHA-256: 8aa0175a10e63018087ee262af0bd4bd8c09901a73acad56df6ad7bcf816c398 kpatch-patch-5_14_0-570_17_1-debugsource-1-13.el9_6.x86_64.rpm SHA-256: d38da59a0f80df41742070ab06b8b041ddc214cdaf4661cdb133a61fadaa754a kpatch-patch-5_14_0-570_39_1-1-4.el9_6.x86_64.rpm SHA-256: 9f8836a503ad1370e15425308d2e74eef76c85c4c10a60e379a7706e50c645bb kpatch-patch-5_14_0-570_39_1-debuginfo-1-4.el9_6.x86_64.rpm SHA-256: 7e8288a0eb95f95580aa699112ad9aba84443705d2680d2c9d7d95d5ec080eaa kpatch-patch-5_14_0-570_39_1-debugsource-1-4.el9_6.x86_64.rpm SHA-256: f69ad491ae3ffb8a8c463e0f9a58a3c110eec54820ee7c5c9a1bcf75765682f7 kpatch-patch-5_14_0-570_66_1-1-3.el9_6.x86_64.rpm SHA-256: d6e194bfef530f3ecc124e9ca08068399d9bef3cc5617cea1586008318978906 kpatch-patch-5_14_0-570_66_1-debuginfo-1-3.el9_6.x86_64.rpm SHA-256: 9f1e5d6175b53030d7b68c84f1e78c42cfe40dcbb9ab26e844ad46f1a5dd677e kpatch-patch-5_14_0-570_66_1-debugsource-1-3.el9_6.x86_64.rpm SHA-256: 2afce0c41034b1295ce8409396e384229079451a67173d5f52193072669ec2ae kpatch-patch-5_14_0-570_94_1-1-1.el9_6.x86_64.rpm SHA-256: d817c42c571a2b769e92212f4e61b51a7542d2b3ebc8d907bf0bb8909f7d8f3c kpatch-patch-5_14_0-570_94_1-debuginfo-1-1.el9_6.x86_64.rpm SHA-256: 8e78f27009811956b20b61a0e84393e5f392bfb6ca82563d9ceb07ae4a9690a2 kpatch-patch-5_14_0-570_94_1-debugsource-1-1.el9_6.x86_64.rpm SHA-256: 2c57696ca4a0aada81517977a849aa68e86e78eee2cae26b0fa60c588f61a1de Red Hat Enterprise Linux Server - AUS 9.6 SRPM kpatch-patch-5_14_0-570_17_1-1-13.el9_6.src.rpm SHA-256: bb0614327adf1050d473aea237bee01deed4d74a45c654a972d5246f4dfafd9e kpatch-patch-5_14_0-570_39_1-1-4.el9_6.src.rpm SHA-256: 1cf8fb733535df62dc8a00662d5ed6250815db25cb6e70be881e27ae94fc84da kpatch-patch-5_14_0-570_66_1-1-3.el9_6.src.rpm SHA-256: 63f686d7c54731d0e1106356568beece06b938ccbaa59cba00b99aa80f4c1741 kpatch-patch-5_14_0-570_94_1-1-1.el9_6.src.rpm SHA-256: 62238d277959c0191d88f8442db968746651af16d7d64c775aa729e71a633442 x86_64 kpatch-patch-5_14_0-570_17_1-1-13.el9_6.x86_64.rpm SHA-256: 909ebcfb9022df066d6dadbb88db790da59cd4fadf9d577ff757c61dcd815ace kpatch-patch-5_14_0-570_17_1-debuginfo-1-13.el9_6.x86_64.rpm SHA-256: 8aa0175a10e63018087ee262af0bd4bd8c09901a73acad56df6ad7bcf816c398 kpatch-patch-5_14_0-570_17_1-debugsource-1-13.el9_6.x86_64.rpm SHA-256: d38da59a0f80df41742070ab06b8b041ddc214cdaf4661cdb133a61fadaa754a kpatch-patch-5_14_0-570_39_1-1-4.el9_6.x86_64.rpm SHA-256: 9f8836a503ad1370e15425308d2e74eef76c85c4c10a60e379a7706e50c645bb kpatch-patch-5_14_0-570_39_1-debuginfo-1-4.el9_6.x86_64.rpm SHA-256: 7e8288a0eb95f95580aa699112ad9aba84443705d2680d2c9d7d95d5ec080eaa kpatch-patch-5_14_0-570_39_1-debugsource-1-4.el9_6.x86_64.rpm SHA-256: f69ad491ae3ffb8a8c463e0f9a58a3c110eec54820ee7c5c9a1bcf75765682f7 kpatch-patch-5_14_0-570_66_1-1-3.el9_6.x86_64.rpm SHA-256: d6e194bfef530f3ecc124e9ca08068399d9bef3cc5617cea1586008318978906 kpatch-patch-5_14_0-570_66_1-debuginfo-1-3.el9_6.x86_64.rpm SHA-256: 9f1e5d6175b53030d7b68c84f1e78c42cfe40dcbb9ab26e844ad46f1a5dd677e kpatch-patch-5_14_0-570_66_1-debugsource-1-3.el9_6.x86_64.rpm SHA-256: 2afce0c41034b1295ce8409396e384229079451a67173d5f52193072669ec2ae kpatch-patch-5_14_0-570_94_1-1-1.el9_6.x86_64.rpm SHA-256: d817c42c571a2b769e92212f4e61b51a7542d2b3ebc8d907bf0bb8909f7d8f3c kpatch-patch-5_14_0-570_94_1-debuginfo-1-1.el9_6.x86_64.rpm SHA-256: 8e78f27009811956b20b61a0e84393e5f392bfb6ca82563d9ceb07ae4a9690a2 kpatch-patch-5_14_0-570_94_1-debugsource-1-1.el9_6.x86_64.rpm SHA-256: 2c57696ca4a0aada81517977a849aa68e86e78eee2cae26b0fa60c588f61a1de Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM kpatch-patch-5_14_0-570_17_1-1-13.el9_6.src.rpm SHA-256: bb0614327adf1050d473aea237bee01deed4d74a45c654a972d5246f4dfafd9e kpatch-patch-5_14_0-570_39_1-1-4.el9_6.src.rpm SHA-256: 1cf8fb733535df62dc8a00662d5ed6250815db25cb6e70be881e27ae94fc84da kpatch-patch-5_14_0-570_66_1-1-3.el9_6.src.rpm SHA-256: 63f686d7c54731d0e1106356568beece06b938ccbaa59cba00b99aa80f4c1741 kpatch-patch-5_14_0-570_94_1-1-1.el9_6.src.rpm SHA-256: 62238d277959c0191d88f8442db968746651af16d7d64c775aa729e71a633442 ppc64le kpatch-patch-5_14_0-570_17_1-1-13.el9_6.ppc64le.rpm SHA-256: ef0b6f611a47d7a9d8903c1848cf24188e188875230af192270a8d192f3df658 kpatch-patch-5_14_0-570_17_1-debuginfo-1-13.el9_6.ppc64le.rpm SHA-256: 614acc6a44e0d3160df49516faf499251e18f45f0080fc6cfcb6ae18b449ccfa kpatch-patch-5_14_0-570_17_1-debugsource-1-13.el9_6.ppc64le.rpm SHA-256: dfce2ff0dab76b49bc4758f80aa6628b0463a27f212a68ccef12b386aab06dd5 kpatch-patch-5_14_0-570_39_1-1-4.el9_6.ppc64le.rpm SHA-256: d941ee5ab6b79cede2cdec6f0681e099296dbd8732d2c2dd535ab770555a6b3c kpatch-patch-5_14_0-570_39_1-debuginfo-1-4.el9_6.ppc64le.rpm SHA-256: 01d8ff640461ac0efbe50daeb788d0be3c6dcbe41fbeeb6da0460fbd2bf2beb8 kpatch-patch-5_14_0-570_39_1-debugsource-1-4.el9_6.ppc64le.rpm SHA-256: 9aef787045c26f8c97e4a955d45985b03ba623cd338231d12b06ddadc94ebcde kpatch-patch-5_14_0-570_66_1-1-3.el9_6.ppc64le.rpm SHA-256: 2b4468fd0fa33da00729309788b96917e874944833c4f14a3c8f8e31bba790be kpatch-patch-5_14_0-570_66_1-debuginfo-1-3.el9_6.ppc64le.rpm SHA-256: 0f2c49a5dfbddc0578a11437da8051fa2c804ef23b5e460e49af6147b323a4b8 kpatch-patch-5_14_0-570_66_1-debugsource-1-3.el9_6.ppc64le.rpm SHA-256: 70db47cd8e1b6be6d0c08ace4362cda702953992ec6f2c80d9ff527e810b70d2 kpatch-patch-5_14_0-570_94_1-1-1.el9_6.ppc64le.rpm SHA-256: 263e2ebb0c990a4ded5f64703af50f7d22cb043c7e0c5a73e0355569d8c3e4ca kpatch-patch-5_14_0-570_94_1-debuginfo-1-1.el9_6.ppc64le.rpm SHA-256: 28812cd734f76102169428ebe73891f9d7ae93feedfd49c55192c014fe310f52 kpatch-patch-5_14_0-570_94_1-debugsource-1-1.el9_6.ppc64le.rpm SHA-256: 9530f6e6affcb44637dc56e22ea78d42f4e056bc9d350a9765f473a95b2e7c23 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM kpatch-patch-5_14_0-570_17_1-1-13.el9_6.src.rpm SHA-256: bb0614327adf1050d473aea237bee01deed4d74a45c654a972d5246f4dfafd9e kpatch-patch-5_14_0-570_39_1-1-4.el9_6.src.rpm SHA-256: 1cf8fb733535df62dc8a00662d5ed6250815db25cb6e70be881e27ae94fc84da kpatch-patch-5_14_0-570_66_1-1-3.el9_6.src.rpm SHA-256: 63f686d7c54731d0e1106356568beece06b938ccbaa59cba00b99aa80f4c1741 kpatch-patch-5_14_0-570_94_1-1-1.el9_6.src.rpm SHA-256: 62238d277959c0191d88f8442db968746651af16d7d64c775aa729e71a633442 ppc64le kpatch-patch-5_14_0-570_17_1-1-13.el9_6.ppc64le.rpm SHA-256: ef0b6f611a47d7a9d8903c1848cf24188e188875230af192270a8d192f3df658 kpatch-patch-5_14_0-570_17_1-debuginfo-1-13.el9_6.ppc64le.rpm SHA-256: 614acc6a44e0d3160df49516faf499251e18f45f0080fc6cfcb6ae18b449ccfa kpatch-patch-5_14_0-570_17_1-debugsource-1-13.el9_6.ppc64le.rpm SHA-256: dfce2ff0dab76b49bc4758f80aa6628b0463a27f212a68ccef12b386aab06dd5 kpatch-patch-5_14_0-570_39_1-1-4.el9_6.ppc64le.rpm SHA-256: d941ee5ab6b79cede2cdec6f0681e099296dbd8732d2c2dd535ab770555a6b3c kpatch-patch-5_14_0-570_39_1-debuginfo-