From e22d75cf356c32bb3d0670ae77ee008b9951fa42 Mon Sep 17 00:00:00 2001
From: Jon <git@jonstarkey.co.uk>
Date: Sat, 2 May 2026 00:13:11 +0100
Subject: [PATCH] Added mitigation script

---
 badusb/mitigate.txt | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100755 badusb/mitigate.txt

diff --git a/badusb/mitigate.txt b/badusb/mitigate.txt
new file mode 100755
index 0000000..fb3936a
--- /dev/null
+++ b/badusb/mitigate.txt
@@ -0,0 +1,13 @@
+REM Mitigation for CVE-2026-31431 (algif_aead kernel module abuse)
+REM Disables the algif_aead crypto module by blacklisting it via modprobe config
+STRING echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
+ENTER
+REM Attempts to unload the module if currently loaded; ignores error if not present
+STRING rmmod algif_aead 2>/dev/null || true
+ENTER
+REM Verifies the module is no longer loaded (no output = success)
+STRING lsmod | grep algif_aead
+ENTER
+REM Confirms the blacklist config file was written correctly
+STRING cat /etc/modprobe.d/disable-algif.conf
+ENTER