This Important security update addresses CVE-2026-31431 (CVSS 7.8 High), a vulnerability in the Linux kernel's `algif_aead` crypto interface. The flaw affects a wide range of kernel versions, specifically Linux kernels from 4.14 through 5.10.253, 5.11 through 5.15.203, 5.16 through 6.1.169, 6.2 through 6.6.136, and 6.7 through 6.12.84. Red Hat has provided live patch modules for RHEL 9.4 Extended Update Support kernels, requiring a system reboot for the update to take effect.
Red Hat Product Errata RHSA-2026:16063 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:16063 - Security Advisory Overview Updated Packages Synopsis Important: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_106_1, kpatch-patch-5_14_0-427_113_1, kpatch-patch-5_14_0-427_55_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for multiple packages is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-427.55.1.el9_4. Security Fix(es): kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Fixes BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place CVEs CVE-2026-31431 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM kpatch-patch-5_14_0-427_100_1-1-3.el9_4.src.rpm SHA-256: 04d291fa579a6f30f9ecc71d74393ecea71da1d88e84475acfaa4b45888acad3 kpatch-patch-5_14_0-427_113_1-1-1.el9_4.src.rpm SHA-256: f02c6adddb94b8a2a297e3d20857132184cb7204473473d6a0cdb76db87ceab5 kpatch-patch-5_14_0-427_55_1-1-13.el9_4.src.rpm SHA-256: a85243584eb336afd488488a6803db78939594dbc0c65de290e9a87d09758f05 kpatch-patch-5_14_0-427_68_2-1-10.el9_4.src.rpm SHA-256: feedcd7713c23ab84c7fb434ef7a2824082b54a5463939350c31ff13d07ce044 kpatch-patch-5_14_0-427_84_1-1-5.el9_4.src.rpm SHA-256: e7b9dbe7f9d21d935ce4e56bad7149b6840c85b02ac9b4ebc3b9e5390e02eb2c x86_64 kpatch-patch-5_14_0-427_100_1-1-3.el9_4.x86_64.rpm SHA-256: b4756c7c3a83514411de1d9f226545973378dffdafa274f1255b353133e0c86c kpatch-patch-5_14_0-427_100_1-debuginfo-1-3.el9_4.x86_64.rpm SHA-256: 5cba1f94bd6e7e9714d3a35d0351fd7d2865b39db4427c7e679cf2be89bb8131 kpatch-patch-5_14_0-427_100_1-debugsource-1-3.el9_4.x86_64.rpm SHA-256: eb4cfcaf2a1705e3b4eaef280d8884c514cf38f6c637ca6f5659878839e3aa1b kpatch-patch-5_14_0-427_113_1-1-1.el9_4.x86_64.rpm SHA-256: c76e0fe9217cae9732f6af2deb3e8a150ff6a870645617485dec732131371f57 kpatch-patch-5_14_0-427_113_1-debuginfo-1-1.el9_4.x86_64.rpm SHA-256: 85e655b264d3a3717fbd1e64b114e5e06858d2b48568c4d06561f68c965b8114 kpatch-patch-5_14_0-427_113_1-debugsource-1-1.el9_4.x86_64.rpm SHA-256: 5f151530c8e51a188b5625ae26638651586cdc9d330ea1308e29d71e321c843d kpatch-patch-5_14_0-427_55_1-1-13.el9_4.x86_64.rpm SHA-256: ea6941f7facfc4e109c70ed6a1404656e474f0532b5db40653d86d96d478d901 kpatch-patch-5_14_0-427_55_1-debuginfo-1-13.el9_4.x86_64.rpm SHA-256: 3869812cdaadb15e4ac51750e7c3b756574aca1e752351335a9ee6cccaefb572 kpatch-patch-5_14_0-427_55_1-debugsource-1-13.el9_4.x86_64.rpm SHA-256: 4a355f88ff979c08c99e46846e2ee389c8091f0fe740f1a76f00b2b4c94d59d5 kpatch-patch-5_14_0-427_68_2-1-10.el9_4.x86_64.rpm SHA-256: 55a15cd3299eff3ea0e52ab56095332764e39006c0cde2865ce1653dd3713f19 kpatch-patch-5_14_0-427_68_2-debuginfo-1-10.el9_4.x86_64.rpm SHA-256: ecb1a7fb608d64b1863d39a5bbbe16468a31d5c0e0ae248b8e91c752e847d499 kpatch-patch-5_14_0-427_68_2-debugsource-1-10.el9_4.x86_64.rpm SHA-256: 032db50ef8d66ec96b72e2adb4924901925fec3e99815666d8b3699b3d6112c3 kpatch-patch-5_14_0-427_84_1-1-5.el9_4.x86_64.rpm SHA-256: 6112a672dd5a222a08da27c9e56ca47c788dfa160b9f27127dcce7acaf9108b5 kpatch-patch-5_14_0-427_84_1-debuginfo-1-5.el9_4.x86_64.rpm SHA-256: a2813c58f47a6987fdeb8a66da9d646cd6652a38a61136975b8033bcdba4e341 kpatch-patch-5_14_0-427_84_1-debugsource-1-5.el9_4.x86_64.rpm SHA-256: 1180a7e942a1abed2e4a5234a3c1eedf0760d686497c76c03b514315ab9cedae Red Hat Enterprise Linux Server - AUS 9.4 SRPM kpatch-patch-5_14_0-427_100_1-1-3.el9_4.src.rpm SHA-256: 04d291fa579a6f30f9ecc71d74393ecea71da1d88e84475acfaa4b45888acad3 kpatch-patch-5_14_0-427_113_1-1-1.el9_4.src.rpm SHA-256: f02c6adddb94b8a2a297e3d20857132184cb7204473473d6a0cdb76db87ceab5 kpatch-patch-5_14_0-427_55_1-1-13.el9_4.src.rpm SHA-256: a85243584eb336afd488488a6803db78939594dbc0c65de290e9a87d09758f05 kpatch-patch-5_14_0-427_68_2-1-10.el9_4.src.rpm SHA-256: feedcd7713c23ab84c7fb434ef7a2824082b54a5463939350c31ff13d07ce044 kpatch-patch-5_14_0-427_84_1-1-5.el9_4.src.rpm SHA-256: e7b9dbe7f9d21d935ce4e56bad7149b6840c85b02ac9b4ebc3b9e5390e02eb2c x86_64 kpatch-patch-5_14_0-427_100_1-1-3.el9_4.x86_64.rpm SHA-256: b4756c7c3a83514411de1d9f226545973378dffdafa274f1255b353133e0c86c kpatch-patch-5_14_0-427_100_1-debuginfo-1-3.el9_4.x86_64.rpm SHA-256: 5cba1f94bd6e7e9714d3a35d0351fd7d2865b39db4427c7e679cf2be89bb8131 kpatch-patch-5_14_0-427_100_1-debugsource-1-3.el9_4.x86_64.rpm SHA-256: eb4cfcaf2a1705e3b4eaef280d8884c514cf38f6c637ca6f5659878839e3aa1b kpatch-patch-5_14_0-427_113_1-1-1.el9_4.x86_64.rpm SHA-256: c76e0fe9217cae9732f6af2deb3e8a150ff6a870645617485dec732131371f57 kpatch-patch-5_14_0-427_113_1-debuginfo-1-1.el9_4.x86_64.rpm SHA-256: 85e655b264d3a3717fbd1e64b114e5e06858d2b48568c4d06561f68c965b8114 kpatch-patch-5_14_0-427_113_1-debugsource-1-1.el9_4.x86_64.rpm SHA-256: 5f151530c8e51a188b5625ae26638651586cdc9d330ea1308e29d71e321c843d kpatch-patch-5_14_0-427_55_1-1-13.el9_4.x86_64.rpm SHA-256: ea6941f7facfc4e109c70ed6a1404656e474f0532b5db40653d86d96d478d901 kpatch-patch-5_14_0-427_55_1-debuginfo-1-13.el9_4.x86_64.rpm SHA-256: 3869812cdaadb15e4ac51750e7c3b756574aca1e752351335a9ee6cccaefb572 kpatch-patch-5_14_0-427_55_1-debugsource-1-13.el9_4.x86_64.rpm SHA-256: 4a355f88ff979c08c99e46846e2ee389c8091f0fe740f1a76f00b2b4c94d59d5 kpatch-patch-5_14_0-427_68_2-1-10.el9_4.x86_64.rpm SHA-256: 55a15cd3299eff3ea0e52ab56095332764e39006c0cde2865ce1653dd3713f19 kpatch-patch-5_14_0-427_68_2-debuginfo-1-10.el9_4.x86_64.rpm SHA-256: ecb1a7fb608d64b1863d39a5bbbe16468a31d5c0e0ae248b8e91c752e847d499 kpatch-patch-5_14_0-427_68_2-debugsource-1-10.el9_4.x86_64.rpm SHA-256: 032db50ef8d66ec96b72e2adb4924901925fec3e99815666d8b3699b3d6112c3 kpatch-patch-5_14_0-427_84_1-1-5.el9_4.x86_64.rpm SHA-256: 6112a672dd5a222a08da27c9e56ca47c788dfa160b9f27127dcce7acaf9108b5 kpatch-patch-5_14_0-427_84_1-debuginfo-1-5.el9_4.x86_64.rpm SHA-256: a2813c58f47a6987fdeb8a66da9d646cd6652a38a61136975b8033bcdba4e341 kpatch-patch-5_14_0-427_84_1-debugsource-1-5.el9_4.x86_64.rpm SHA-256: 1180a7e942a1abed2e4a5234a3c1eedf0760d686497c76c03b514315ab9cedae Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 SRPM kpatch-patch-5_14_0-427_100_1-1-3.el9_4.src.rpm SHA-256: 04d291fa579a6f30f9ecc71d74393ecea71da1d88e84475acfaa4b45888acad3 kpatch-patch-5_14_0-427_113_1-1-1.el9_4.src.rpm SHA-256: f02c6adddb94b8a2a297e3d20857132184cb7204473473d6a0cdb76db87ceab5 kpatch-patch-5_14_0-427_55_1-1-13.el9_4.src.rpm SHA-256: a85243584eb336afd488488a6803db78939594dbc0c65de290e9a87d09758f05 kpatch-patch-5_14_0-427_68_2-1-10.el9_4.src.rpm SHA-256: feedcd7713c23ab84c7fb434ef7a2824082b54a5463939350c31ff13d07ce044 kpatch-patch-5_14_0-427_84_1-1-5.el9_4.src.rpm SHA-256: e7b9dbe7f9d21d935ce4e56bad7149b6840c85b02ac9b4ebc3b9e5390e02eb2c ppc64le kpatch-patch-5_14_0-427_100_1-1-3.el9_4.ppc64le.rpm SHA-256: 9785f842cf16f7459a76cfc88580ef089511658512fb9191f7787743eb641fab kpatch-patch-5_14_0-427_100_1-debuginfo-1-3.el9_4.ppc64le.rpm SHA-256: 0e5e7c613049049de2067350eb6e55813c86a5b8a0bb9a3f15b7ad15b7db82c0 kpatch-patch-5_14_0-427_100_1-debugsource-1-3.el9_4.ppc64le.rpm SHA-256: a2eeb7ddbad36b256ed03dc31a63f682166fdf213240b38886c8342c54fb7805 kpatch-patch-5_14_0-427_113_1-1-1.el9_4.ppc64le.rpm SHA-256: f155bdd86963b405dd27f9015af74cd25f66362c024c3f29badd9f631d0ca475 kpatch-patch-5_14_0-427_113_1-debuginfo-1-1.el9_4.ppc64le.rpm SHA-256: c259ee2fc3139d9adae38334cd09005d437fa28dde661d9c2323efab7475faf2 kpatch-patch-5_14_0-427_113_1-debugsource-1-1.el9_4.ppc64le.rpm SHA-256: 96982eea5c2206c6785c56a7f0fc22e0bec1d6cd92d157f30873dda14a22d2d5 kpatch-patch-5_14_0-427_55_1-1-13.el9_4.ppc64le.rpm SHA-256: 0842683927b78f6e1ad9984643a4bde3f5323bcadf738d31589dcbc2508e56ad kpatch-patch-5_14_0-427_55_1-debuginfo-1-13.el9_4.ppc64le.rpm SHA-256: ba02f305f12327dee616730447bb0b1872104378778ef333d5ecbe7a35caf768 kpatch-patch-5_14_0-427_55_1-debugsource-1-13.el9_4.ppc64le.rpm SHA-256: 4b9970365292f14a7a440f8b0f96fa2b065bed01ef7af166f78841333f8ea894 kpatch-patch-5_14_0-427_68_2-1-10.el9_4.ppc64le.rpm SHA-256: f73dd9df2048fccdc410c6daa28876d599b386a5487dfd5ee3f6004f31d53392 kpatch-patch-5_14_0-427_68_2-debuginfo-1-10.el9_4.ppc64le.rpm SHA-256: 7c33e6ccbe5e9b5f999e185127ff7a57d616badd70d203f79dba69348d0656a1 kpatch-patch-5_14_0-427_68_2-debugs