A critical vulnerability tracked as CVE-2026-31431 affects virtually every mainstream Linux distribution released between 2017 and April 2026, allowing any unprivileged local user to gain complete root access to the system. The flaw resides in the kernel's crypto API (AF_ALG), specifically in the algif_aead module that ships enabled by default in standard configurations across Ubuntu, Red Hat Enterprise Linux, Amazon Linux, SUSE, Debian, Arch, Fedora, and numerous other distributions. The vulner...