CVE-2026-31431 is a local privilege escalation in the Linux kernel crypto API. Red Hat rates it Important (CVSS 7.8). Affected are RHEL 8, 9 and 10 (kernel and kernel-rt) and OpenShift Container Platform 4. As of 2026-05-01 the patches have not been shipped yet. Until they are, the official boot-parameter mitigation should be applied on every RHEL host immediately.
Firewall Builder (fwbuilder) has no nftables support and has not been actively developed for years. FirewallFabrik is its modern successor: a complete rewrite in Python and Qt6 with native nftables support, seamless migration of existing .fwb files, and a GUI that feels just like the original.
