[42wim]

I've (well, mostly Claude did) created a module that unloads the active AF_ALG (builtin) module and mitigates the exploit without having to reboot.

Tested on almalinux8/9

https://gist.github.com/42wim/2e3cc3c92333e4c2730541e6f0e038...

YMMV

[zackr]

looking good to me so far, thank you!