An ansible playbook to mitigate the copy-fail vulnerability
Summary
This gist provides an Ansible playbook to mitigate CVE-2026-31431 (copy-fail) by unloading and blacklisting the algif_aead kernel module. It includes tasks to detect module references, unload when safe, prevent reloading, and update initramfs via a handler. It's a practical example of automated security hardening using Ansible for Linux environments.