There is a a temporary fix of disabling the algif_aead kernel module posted on CERT and other sites. This affects most Linux distributions and was proven on RHEL 10.1 kernel release 45. Status from CERT as of 4/29 was that the RHEL fix is unknown status. All other versions of Linux are either not fixed or also in an unknown status. This only is a local privilege escalation and is not dire if you do not allow access to the systems from remote sites.
randallb
3
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Rocky 8.10 - CVE-2025-38352 | 24 | 1692 | November 21, 2025 | |
| The Further Experiments of a Vacuous Experimenter | 9 | 691 | August 25, 2023 | |
| Trouble in River City -- Rocky Linux 8.5 Rollover Blew Up | 17 | 2132 | August 25, 2023 | |
| Some errata missing in comparison with RHEL and AlmaLinux | 16 | 4352 | August 25, 2023 | |
| Compiling Openssl 3.0.8 on Rocky Linux 9 | 19 | 10305 | August 25, 2023 |