Local Privilege Escalation VulnerabilityOn 29 April 2026, a high local privilege escalation vulnerability in the Linux kernel, tracked as CVE-2026-31431 and named “Copy Fail”, was publicly disclosed. The vulnerability affects Manjaro Linux since 2017. A public proof-of-concept exploit has been released.We have patched most of our kernels and released them to our testing and unstable branches:patched kernels are: 5.10.254+, 5.15.204+, 6.1.170+, 6.6.137+, 6.12.85+, 6.18.22+, 6.19.12+, 7.0-rc7+affected kernels are: 6.1.167_rt62, 6.6.133_rt73, 6.12.79_rt17, 6.17.5_rt7 and lowerTemporary MitigationDisable the algif_aead kernel module persistently on all affected systems until a patched kernel is available:# echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf# rmmod algif_aead 2>/dev/null || trueThis workaround does not affect dm-crypt /LUKS, kTLS , IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. It may affect applications explicitly configured to use the afalg engine or that bind aead/skcipher/hash sockets directly. Exposure can be assessed with lsof | grep AF_ALG .– CERT-EU - High Vulnerability in the Linux Kernel (“Copy Fail”)If you check your exposure - sync lsof-package to your system pacman -Syu lsof.What you can doIf you think you are a target for an exploit like this, consider switching to testing branch.sudo pacman-mirrors -aS testing && sudo pacman -SyyuAlert your system administratorIf you are part of a multi-user system running on Manjaro stable branch and kernel 6.18.18 consider informing the administrator responsible for the server you are connecting to. 2 posts - 2 participants Read full topic