For mitigation of CVE-2026-31431 it was advised by security team to disable the kernel module 'algif_aead'.

Would disabling this module cause issue with PAMSC?

Product: Privileged Access Manager - Server Control (PAMSC)
Operating System: Linux
Vulnerability: CVE-2026-31431

You can safely disable the 'algif_aead' kernel module in your PAMSC environment. Disabling this module does not impact PAMSC functionality, policy enforcement, or daemon operations.

PAMSC and the 'algif_aead' module operate independently due to the following reasons:

1.  Role of the seos Module: The 'seos' kernel module (SEOS_syscall) functions as a system call interception and access control engine. It hooks into the operating system to evaluate events against your security policies. It operates exclusively within access control, file integrity, and process monitoring.
2.  Role of the algif_aead Module: This module provides the 'AF_ALG' interface, which is a socket-based API allowing userspace applications to access kernel cryptographic algorithms.
3.  Cryptographic Independence: PAMSC does not rely on the 'AF_ALG' interface or the `algif_aead` module. Instead, PAMSC utilizes its own CAPKI encryption libraries, which provide FIPS 140-2 compliant AES, SHA, and TLS functionalities, alongside native OS 'crypt()' methods in userspace.

You can apply the standard vendor-recommended mitigation for CVE-2026-31431 by following these steps:

1.  Add 'install algif_aead /bin/false' to your
    '/etc/modprobe.d/####.conf' configuration file.
2.  Remove the module from the current runtime.

These actions secure your servers against the vulnerability without causing a PAMSC outage or affecting supportability.