REM Mitigation for CVE-2026-31431 (algif_aead kernel module abuse)
REM Disables the algif_aead crypto module by blacklisting it via modprobe config
STRING echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
ENTER
REM Attempts to unload the module if currently loaded; ignores error if not present
STRING rmmod algif_aead 2>/dev/null || true
ENTER
REM Verifies the module is no longer loaded (no output = success)
STRING lsmod | grep algif_aead
ENTER
REM Confirms the blacklist config file was written correctly
STRING cat /etc/modprobe.d/disable-algif.conf
ENTER
