CVE-2026-31431 is a local privilege escalation in the Linux kernel crypto API. Red Hat rates it Important (CVSS 7.8). Affected are RHEL 8, 9 and 10 (kernel and kernel-rt) and OpenShift Container Platform 4. As of 2026-05-01 the patches have not been shipped yet. Until they are, the official boot-parameter mitigation should be applied on every RHEL host immediately.
Firewall Builder (fwbuilder) has no nftables support and has not been actively developed for years. FirewallFabrik is its modern successor: a complete rewrite in Python and Qt6 with native nftables support, seamless migration of existing .fwb files, and a GUI that feels just like the original.
Nextcloud offers three layers of encryption: transport encryption (TLS), Server-Side Encryption (SSE) and End-to-End Encryption (E2EE). Which one fits when, and what we run at Linuxfabrik.
The Center for Internet Security (CIS) recommends a partitioning scheme for RHEL and compatible distributions, with several directories like /home, /tmp, /var and /var/log on their own partitions. Using the Logical Volume Manager (LVM) keeps the administrative effort for later resizing manageable.
