On Tue, Jun 23, 2026 at 10:42:34AM +0200, Bastien Nocera wrote: > Hello Eric, > > On Mon, 2026-06-22 at 16:48 -0700, Eric Biggers wrote: > > AF_ALG is a frequent source of vulnerabilities and a maintenance > > nightmare. It exposes far more functionality to userspace than ever > > should have been exposed, especially to unprivileged processes. > > Recent > > exploits have targeted kernel internal implementation details like > > "authencesn" that have zero use case for userspace access. > > You should also CC: [email protected] for AF_ALG related changes, as > ell uses AF_ALG extensively for crypto and checksumming. > > Cheers
The known users of libell (iwd and bluez) are already taken into account. - Eric
