[jayofdoom]

This workaround only applies to kernels with the impacted code compiled as a module. RHEL, Fedora, and Gentoo (we use a modified Fedora config) all are configured to build this in directly. Without a patch or config change (as Sam from Gentoo was alluding to), those distributions remain vulnerable.

[jcul]

There was some discussion on the GitHub issues about workarounds to disable it, even though it is baked in.

https://github.com/theori-io/copy-fail-CVE-2026-31431/issues...

https://github.com/theori-io/copy-fail-CVE-2026-31431/issues...

[pitrdevries]

This worked as a mitigation on distros with the module compiled into the kernel: https://gist.github.com/m3nu/c19269ef4fd6fa53b03eb388f77464d...

Basically: sudo grubby --update-kernel=ALL --args=initcall_blacklist=algif_aead_init

sudo reboot

[ranger_danger]

For compiled-in kernels you can also work around it without rebooting via apparmor, seccomp or SELinux at the least, there may be eBPF or other methods too.

[akdev1l]

F44 is safe as the kernel is greater than 6.18.22