Copy fail patch check

vonwallace · May 4, 2026, 6:40pm

echo "Loaded check:"
lsmod | grep '^algif_aead' || echo "algif_aead is not loaded"

echo
echo "Block rule check:"
modprobe -c | grep -E '^install algif_aead' || echo "No modprobe block rule found"

Nourpon · May 4, 2026, 7:05pm

when you post something you can explain what is for, because I can post many script I made without explain and lot of people will never understand.

vonwallace · May 4, 2026, 6:31pm

if [ -f /etc/modprobe.d/disable-algif_aead.conf ]; then cat /etc/modprobe.d/disable-algif_aead.conf; else echo "File not found"; fi

Disable algif_aead module due to CVE-2026-31431 (AKA copy.fail)

This will likely be re-enabled in a subsequent update once an updated

kernel has been deployed.

Blacklisting the module isn't sufficient, we need to do as below:

install algif_aead /bin/false

Do we need to run the install command?

Most people will not know about the existance of this file and the readme in it?

Nourpon · May 4, 2026, 7:06pm

I don't understand what you want to say us...

Ponce-De-Leon · May 4, 2026, 8:39pm

I've packed these 2 Things together because they seem to belong together.

Because of the File: It was added because it is the disabling of the Module what is the Problem of the CopyFail Vulnerability. Don't play on the File. You don't have to do anything with it. Don't move or change it to avoid that it doesn't work.