I don't know what exactly can load this module but the servers are running for many weeks and I suppose that if something will load this module, it stays loaded until the next reboot.. no ?
replyI tried to rmmod on all servers and rmmod always returns `ERROR: Module algif_aead is not currently loaded`, that's why I think it's fine. Of course I take a look on https://security-tracker.debian.org/tracker/CVE-2026-31431 for the updates.
> I don't know what exactly can load this module
replyWell, for one thing, opening an AF_ALG socket, as the exploit does.
rmmod just tells you it's not loaded; you'd have to delete the module to prevent it auto-loading.
reply