CVE-2026-31431 (GCVE-0-2026-31431)
Vulnerability from cvelistv5 – Published: 2026-04-22 08:15 – Updated: 2026-05-18 17:44
VLAI?
CISA KEV
CIRCL
Title
crypto: algif_aead - Revert to operating out-of-place
Summary
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to operating out-of-place
This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.
There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.
Severity ?
7.8 (High)
CWE
- CWE-669 - Incorrect Resource Transfer Between Spheres
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 893d22e0135fa394db81df88697fba6032747667
(git)
Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 19d43105a97be0810edbda875f2cd03f30dc130c (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 961cfa271a918ad4ae452420e7c303149002875b (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 3115af9644c342b356f3f07a4dd1c8905cd9a6fc (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 8b88d99341f139e23bdeb1027a2a3ae10d341d82 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < ce42ee423e58dffa5ec03524054c9d8bfd4f6237 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 (git) |
|
| Linux | Linux |
Affected:
4.14
Unaffected: 0 , < 4.14 (semver) Unaffected: 5.10.254 , ≤ 5.10.* (semver) Unaffected: 5.15.204 , ≤ 5.15.* (semver) Unaffected: 6.1.170 , ≤ 6.1.* (semver) Unaffected: 6.6.137 , ≤ 6.6.* (semver) Unaffected: 6.12.85 , ≤ 6.12.* (semver) Unaffected: 6.18.22 , ≤ 6.18.* (semver) Unaffected: 6.19.12 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix) |
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: ff00c791-06de-48b9-8f44-1f3913c1dae2
Exploited: Yes
Timestamps
First Seen: 2026-05-01
Asserted: 2026-05-01
Scope
Notes: KEV entry: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability | Affected: Linux / Kernel | Description: Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation. | Required action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-05-15 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-699 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Kernel |
| Due Date | 2026-05-15 |
| Date Added | 2026-05-01 |
| Vendorproject | Linux |
| Vulnerabilityname | Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-05-01 19:00 UTC
| Updated: 2026-05-01 19:00 UTC
CIRCL
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 3e01e7d3-c2be-4035-865c-115c5aef1b92
Exploited: Yes
Alternative IDs:
[]
Characteristics
Remote Code Execution:
No
Authentication Required:
Yes
Local Access Required:
Yes
Timestamps
First Seen: 2026-05-02
Asserted: 2026-05-04
Last Seen: 2026-05-04
Evidence
Type: Incident Response
Signal: Successful Exploitation
Source: Host logs
Details
| Note | Seen exploited on a system giving shell access to users. |
|---|
Created: 2026-05-04 07:19 UTC
| Updated: 2026-05-04 07:19 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-31431",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-05-01",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-669",
"description": "CWE-669 Incorrect Resource Transfer Between Spheres",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-02T03:55:23.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/theori-io/copy-fail-CVE-2026-31431"
},
{
"tags": [
"mitigation"
],
"url": "https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"
},
{
"tags": [
"mitigation"
],
"url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"
},
{
"tags": [
"mitigation"
],
"url": "https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-01T00:00:00.000Z",
"value": "CVE-2026-31431 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-18T17:44:54.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/29/23"
},
{
"url": "https://copy.fail"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/29/25"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/29/26"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/11"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/14"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/15"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/16"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/17"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/18"
},
{
"url": "https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/30/20"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/15"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/16"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/17"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/18"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/22"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/23"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/24"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/14"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/15"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/16"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/17"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/18"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/19"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/20"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/21"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/23"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/24"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/02/25"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/03/13"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/10"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/11"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/13"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/14"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/9"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/24"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/27"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/28"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/29"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/31"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/06/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/07/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/07/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/08/13"
},
{
"url": "https://www.kb.cert.org/vuls/id/260001"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/18/3"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:09:03.910Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"crypto/af_alg.c",
"crypto/algif_aead.c",
"crypto/algif_skcipher.c",
"include/crypto/if_alg.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "893d22e0135fa394db81df88697fba6032747667",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "19d43105a97be0810edbda875f2cd03f30dc130c",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "961cfa271a918ad4ae452420e7c303149002875b",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "3115af9644c342b356f3f07a4dd1c8905cd9a6fc",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "8b88d99341f139e23bdeb1027a2a3ae10d341d82",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "ce42ee423e58dffa5ec03524054c9d8bfd4f6237",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
},
{
"lessThan": "a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5",
"status": "affected",
"version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"crypto/af_alg.c",
"crypto/algif_aead.c",
"crypto/algif_skcipher.c",
"include/crypto/if_alg.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.14"
},
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.254",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.204",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.170",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.137",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.85",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.22",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.254",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.204",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.170",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.137",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.85",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.22",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.12",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T22:08:34.612Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667"
},
{
"url": "https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c"
},
{
"url": "https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b"
},
{
"url": "https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc"
},
{
"url": "https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82"
},
{
"url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
},
{
"url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
},
{
"url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
}
],
"title": "crypto: algif_aead - Revert to operating out-of-place",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-31431",
"datePublished": "2026-04-22T08:15:10.123Z",
"dateReserved": "2026-03-09T15:48:24.089Z",
"dateUpdated": "2026-05-18T17:44:54.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2026-31431",
"cwes": "[\"CWE-669\"]",
"dateAdded": "2026-05-01",
"dueDate": "2026-05-15",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431",
"product": "Kernel",
"requiredAction": "\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.",
"vendorProject": "Linux",
"vulnerabilityName": "Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability"
},
"epss": {
"cve": "CVE-2026-31431",
"date": "2026-05-21",
"epss": "0.0257",
"percentile": "0.85719"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-31431\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-04-22T09:16:21.270\",\"lastModified\":\"2026-05-21T19:52:35.217\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: algif_aead - Revert to operating out-of-place\\n\\nThis mostly reverts commit 72548b093ee3 except for the copying of\\nthe associated data.\\n\\nThere is no benefit in operating in-place in algif_aead since the\\nsource and destination come from different mappings. Get rid of\\nall the complexity added for in-place operation and just copy the\\nAD directly.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2026-05-01\",\"cisaActionDue\":\"2026-05-15\",\"cisaRequiredAction\":\"\\\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability\",\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-669\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"5.10.254\",\"matchCriteriaId\":\"24B62F9A-357D-465D-97EB-2819B1CD663C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.204\",\"matchCriteriaId\":\"FA800016-0012-4E3F-A528-2A7F378A0A4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.170\",\"matchCriteriaId\":\"E6653854-B188-42DD-B8C5-0143F1956AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.137\",\"matchCriteriaId\":\"3CA3EF52-168A-4348-8F5F-356C9EB69261\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.85\",\"matchCriteriaId\":\"F17D292D-A9B5-4DC7-8002-51AB95335606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.22\",\"matchCriteriaId\":\"C9DF8BCE-36D3-475D-9D21-19E4F02F9029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.12\",\"matchCriteriaId\":\"0A2B9540-02D5-41B4-B16A-82AF66FD4F36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F253B622-8837-4245-BCE5-A7BF8FC76A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F666C8D8-6538-46D4-B318-87610DE64C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02259FDA-961B-47BC-AE7F-93D7EC6E90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2315C0-D46F-4F85-9754-F9E5E11374A6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A751E0D-F417-4230-9C1F-A9AA43F6D8ED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amazon:amazon_linux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8699C74-BF90-4CF8-9285-32576DB1FE2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"019A2188-0877-45DE-8512-F0BF70DD179C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"204FC6CC-9DAC-45FB-8A9F-C9C8EDD29D54\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"090F0D1A-6BF8-4810-8942-3FFE4FBF7FE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE80EB04-7F9D-4C0B-85DB-4A13DEACB5E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E79D3E16-E284-40C6-916E-2EE78102BF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78B4F1C7-A301-4C94-A41C-A51182B83677\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AB27A2D-549C-450E-A09E-B3316895F052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B20D44D-F87E-4692-8E04-695683F1ECE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7305944-AC9C-47A3-AADF-71A8B24830D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:enterprise_storage:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9A626D2-FF84-40BB-B5A2-053D64992FE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71A42960-17FA-4F96-8CF4-BADAB702EBA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9910C73A-3BCD-4F56-8C7D-79CB289640A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0156BFA-9E83-43E6-9C73-9711AD054B5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAC2D0A4-56F8-4ED6-91E2-78434A016C5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4F81939-C109-4643-951E-42F8F20F4672\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"450A3B3F-F26D-4EAB-BF5D-4C906C4A99DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5BDD59-5008-4DDC-B805-BB6B7DE8E1A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69D3CCD-6590-46EF-9D3F-E903AB78E3BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51136B38-5715-49B3-BD8D-91F90632247D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5810E98-7BF5-42E2-9DE9-661049ABE367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E46DEFD-659D-4D8F-BCD8-6B8A022F8FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1532304-0EA2-4816-B481-C87C7386DC88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83F8A7D8-FD3E-4C36-AB2A-A61449BF38C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B631400C-0A5A-45A3-9DFA-B419E83D324E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp1:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"357F7687-7710-4F51-A655-E02F3A3603FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp2:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"9199A62B-B38B-482D-9557-7E43A6E13774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp3:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"02D86BE4-C975-4F28-861D-3313E144BAC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp4:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"2268D43F-6457-4708-AB00-F111B5945016\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp5:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"990A2271-69DA-4FC9-BD7B-2D1A22BF26E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp6:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"31785EF5-12E3-44EB-9391-B34C9476A075\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:basesystem_module:15:sp7:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"2E177376-B887-4D00-BD07-60C1B862901F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp1:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"58DEE083-487A-4C64-A269-CD5C63D4A273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp2:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"0E65BF75-2DE8-46D3-8A34-BC5EDB9B66D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp3:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"D15DC0F1-2C7A-45F3-BC08-82A4B925B2B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp4:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"E7DF4886-9D35-4415-A727-A08FEBF7128C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp5:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"6997F266-74C0-41A2-B157-F3E09A3A9C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp6:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"AA273F5C-BE4E-410B-9192-0DD9473E9822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:development_tools_module:15:sp7:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"0A9B8201-C85C-46A9-B597-57711971F402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:legacy_module:15:sp7:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"F60DD081-8FD5-4C2B-96BB-18CED178031F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55242557-663C-4870-A439-4C8FEEB69E7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BBB0C06-3CCE-40B2-8CEA-F4303D861C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4F62C0-4188-433A-8292-559025CA23C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACB76FF0-B939-42E9-842B-171E929F317D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F648F64B-C3F2-4B14-906D-E48345303F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3298F3F6-F8A1-41CC-AD83-C584CA103757\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B83183BD-A440-4697-8DD8-8A478C428984\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4388826-A383-4FBA-819A-363EAF6183DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_availability_extension:15:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FCE4D2-1DEA-47B8-B8E2-28BF9F6B4427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_availability_extension:15:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD0E86ED-467D-4904-A264-EA4A3DC43FAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_availability_extension:15:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D4A57E9-3F8E-487B-BAC8-0F85DC776C01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_availability_extension:16.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E00590A7-67FA-419C-8B98-3B7F7EBA3DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:-:*:*:*\",\"matchCriteriaId\":\"5EB65449-AE21-4EE9-B0A1-6E7F984BA33F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*\",\"matchCriteriaId\":\"89C89474-3F7A-499E-8E7C-25952584A68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CA2E84A0-A9ED-411B-9963-647D8A95D3D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*\",\"matchCriteriaId\":\"6426BD94-DEE9-4833-B266-747DAD834366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*\",\"matchCriteriaId\":\"455B5F70-FDA0-4AE3-9C62-F0BC8E6C3D85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"A0E17861-F7C2-479B-B687-42419ADED014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*\",\"matchCriteriaId\":\"75A0B727-33A9-416B-9E83-5103ABE856B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:espos:*:*:*\",\"matchCriteriaId\":\"C46EFE88-003E-45C7-9BB3-CCC6B4E5E012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"4B6D6786-D47A-49D3-A368-775417B47AE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"D0E679A3-3EAC-4603-BD89-E04EE26845B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:espos:*:*:*\",\"matchCriteriaId\":\"3A766D20-F8F6-47D7-BB8A-298E6D4A557B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"E7C37E18-03E4-4618-A5DF-3B4C307AE262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:-:*:*:*\",\"matchCriteriaId\":\"26F5E65A-CC1E-43D7-8181-53ACF3D04D01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:espos:*:*:*\",\"matchCriteriaId\":\"AFECB8BB-9BFE-4725-BEF0-D05DC7858E76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"4E3D5431-943A-47E6-9702-BD9FC39FF18E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp6:*:*:-:*:*:*\",\"matchCriteriaId\":\"E3F9185F-365B-4DA9-A406-B474792C45A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp7:*:*:-:*:*:*\",\"matchCriteriaId\":\"D1570F75-DBEA-4B52-B499-06E7D100E270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_live_patching:12:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D26195B-07AA-4320-A0C9-D322266DEC68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CADD34DE-2694-4F53-9CEE-765A981565DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F229A3A-A13F-46E7-9A29-3FA43EE44D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B717A471-D104-4D66-9EDB-BF65C96E0A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"B59781EB-6D62-4619-AC92-F858BDF0D430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.0:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"620CB473-D500-49B1-ABD5-A2C6DB641DD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.1:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"FE7DC148-F244-4AEA-8803-17ADF8DC4AC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"EACDFD9B-C423-4FD1-B9AA-0D6D7D93CB36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*\",\"matchCriteriaId\":\"825D86FE-87DA-4389-8097-D7CF34718CB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.3:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"E037079A-283D-460C-A76D-E436C575352B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.3:*:*:*:*:rancher:*:*\",\"matchCriteriaId\":\"E1BB6675-DF28-4494-A956-06915DE98A09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.4:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"0D7CF925-609A-41DD-A76A-4D8F6C05729A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.4:*:*:*:*:rancher:*:*\",\"matchCriteriaId\":\"E9138B27-95CD-4064-AB74-CD1364DA3D3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.5:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"6683D4D9-9647-4C06-A729-8CE2DFE195E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0AC584-5E26-4ACE-BC19-9E69A302F238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17377C9F-F429-47B2-AC4D-17CE243ED949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"62DC1612-368F-4D67-AA5E-E4719279DE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"71E87389-289F-4FF6-928B-9A8E77387F65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8772290-7B8F-4FF3-8114-0535E84E10F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF782A24-9E6B-4897-9402-37DBCA7A7332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:-:-:*:*\",\"matchCriteriaId\":\"A25FBA6E-EB0B-4FD3-A0CE-33CA9EB0CD62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"0E13E83D-4249-45C1-8025-491EECA6F9F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss_extreme_core:-:*:*\",\"matchCriteriaId\":\"6BBDE786-4B07-4FD1-817F-948A19F97EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:-:*:*\",\"matchCriteriaId\":\"38373877-18C5-4CEB-A2F1-A6BCF63C1D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*\",\"matchCriteriaId\":\"E279968E-C62B-4888-899A-2BF57E8F8692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:-:*:*\",\"matchCriteriaId\":\"26CAA62D-796C-45E2-8797-64833C237D27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"191B0B2D-5A5A-4206-B061-106C22C03C88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:-:-:*:*\",\"matchCriteriaId\":\"36E71D0E-6256-45D5-A0B8-518B3DB59718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"FE4A9969-7684-44E0-AF88-437B6F5B2CAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:ltss_extended_security:-:*:*\",\"matchCriteriaId\":\"1202065D-DE5A-4E7F-B01A-4D3915C5112A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:-:-:*:*\",\"matchCriteriaId\":\"60EF8A73-A078-49A9-8FDE-4B7F74B2E17B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:-:sap:*:*\",\"matchCriteriaId\":\"82A16781-8A1D-4FE4-84E8-19B6B8D5E6D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"26FDBC27-D993-4A93-BC70-753FA21F4C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"5BC409DF-47A5-4EAF-9DCA-9BA35BB1B2C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:-:-:*:*\",\"matchCriteriaId\":\"2FAAE2BD-4063-4C24-B8C8-9638171A19B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:-:sap:*:*\",\"matchCriteriaId\":\"1615874B-E07C-4DAB-9F48-34DA42915314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"A256B5D1-49D2-4363-AAD6-30FD32F0D132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"2AEA8A74-9D7D-410A-983E-7E69443DEA6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:-:-:*:*\",\"matchCriteriaId\":\"F9771ADC-0560-4146-9CC2-690D3C3CE81F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:-:sap:*:*\",\"matchCriteriaId\":\"76840252-04F1-43C4-9A59-676B179650E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"7456711B-C403-48FC-AD77-92D5177D3175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"3BE8B253-3C09-48C8-BAE8-3E953AAFA49F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:-:-:*:*\",\"matchCriteriaId\":\"9122256C-13F2-4322-95F1-9D83C9051A45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:-:sap:*:*\",\"matchCriteriaId\":\"CC23D242-B960-40D3-A395-174A1F270D4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"7053AA23-E12B-4B91-A641-724887F6A4DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp5:*:*:-:-:*:*\",\"matchCriteriaId\":\"9E823F48-8554-4590-BC30-CA17ECAE9ED4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp5:*:*:-:sap:*:*\",\"matchCriteriaId\":\"0B02BB2D-5DB9-48DC-AB4F-B006D18234FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp5:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"8DFA6058-A5C9-4E87-9F34-B083E55A7EA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp6:*:*:-:-:*:*\",\"matchCriteriaId\":\"BB84120C-48BB-4147-AAD3-39DEF003B57E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp6:*:*:-:sap:*:*\",\"matchCriteriaId\":\"8F9012DD-FFF8-4CED-AEA3-C22CB44C237F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp6:*:*:ltss:-:*:*\",\"matchCriteriaId\":\"B05BFB51-DBF6-4F71-83F8-C32BFB396404\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp7:*:*:-:-:*:*\",\"matchCriteriaId\":\"CCE4946A-773A-443D-B5E3-839E637C3360\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp7:*:*:-:sap:*:*\",\"matchCriteriaId\":\"C2F7F7D2-6E82-4FB4-8C44-3C7DEF123173\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:16.0:-:*:*:-:-:*:*\",\"matchCriteriaId\":\"0F61E05F-DD0A-48AB-B7B2-8D84A5517FF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:16.0:-:*:*:-:sap:*:*\",\"matchCriteriaId\":\"7DC085B3-7D3D-4FEB-B778-79FBDD87264A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:16.1:-:*:*:-:-:*:*\",\"matchCriteriaId\":\"09803492-7525-4B24-B34E-64BB9FF6FDBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:16.1:-:*:*:-:sap:*:*\",\"matchCriteriaId\":\"56519853-7A3E-412C-A4F6-6921A1742033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_workstation_extension:15:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"12E15CF5-8517-4AE1-9130-4CFA65C2F7C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_micro:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A4E809C-2AAD-4E86-A5F4-AB41CA669F40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_micro:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC86A69-74D3-4745-BC7C-BBAF80B2BCBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_micro:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9594AD7-3671-42D1-B07E-D8FE8782EDD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:public_cloud_module:15:sp6:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"CEB648DC-0111-443B-A728-2D9B01EBC179\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:public_cloud_module:15:sp7:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"6C09FB49-F594-4ECD-9686-4EDBC8BD1C1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:realtime_module:15:sp3:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"9C713704-CEB4-4F44-BD93-77F0586DC518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:realtime_module:15:sp4:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"D7E2A9ED-6E69-46D7-85AC-2DB710AB7A84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:realtime_module:15:sp5:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"6C4BB4DD-2022-479F-8805-70B37E2B224C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:realtime_module:15:sp6:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"ACB1A9AF-E037-4FC1-8A35-E1D128005FA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:realtime_module:15:sp7:*:*:*:suse_linux_enterprise:*:*\",\"matchCriteriaId\":\"DD298056-E8C4-4F7E-8CD5-784C201633D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.11\",\"matchCriteriaId\":\"A1DAD7C2-EBFB-4DF5-A727-0A84F8F31619\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arista:cloudvision_agni:*:*:*:*:*:-:*:*\",\"versionStartIncluding\":\"2024.4.0\",\"versionEndIncluding\":\"2025.2.2\",\"matchCriteriaId\":\"A4C875E3-0FFA-4806-BA6C-EB2F8EBF76AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024.2.0\",\"versionEndIncluding\":\"2026.1.0\",\"matchCriteriaId\":\"0ADB58FD-7F44-4BA1-9A55-21E220B4FFDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arista:velocloud_edge:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5.0\",\"versionEndIncluding\":\"6.4.1\",\"matchCriteriaId\":\"1A9C5C40-C542-4320-9777-29A0F2D70220\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arista:velocloud_gateway:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F2CE3D-1529-4A87-BD14-173BF206D7A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:velocloud_orchestrator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CE92745-C5FC-4FDD-B3FB-B712078C1348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:netvisor_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.0\",\"matchCriteriaId\":\"A3349C40-C473-4744-AF72-AB6B0EBDB92F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:netvisor_os:7.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"447BB72F-95B9-4F2E-8CDD-74664AD045ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:netvisor_os:7.1.0:hotfix7:*:*:*:*:*:*\",\"matchCriteriaId\":\"82A2BB74-B148-44F1-904E-325E89720073\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"99E36624-A573-47D9-B158-B18A8A822FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BC4FA01-8DDB-41E4-B759-7B504F78AEBC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"2A7548B8-3DF7-46D9-8A4F-87C38969D900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1EE93D-BAD2-4B86-910C-8784FCC9F398\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"19F1C257-0EE6-47DE-B4BE-169F801FFDD8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F63E0A-126D-4A93-8159-45EB5E606F81\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1\",\"matchCriteriaId\":\"3A84FD25-22C7-47F3-ABC2-413D03AB4648\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_tm_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"754051AB-27D3-41CA-B2C8-79BAD48C8750\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"359012F1-2C63-415A-88B8-6726A87830DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"BF90B5A4-6E55-4369-B9D4-E7A061E797D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:25.10:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"8998BFFF-82EF-4D9E-8DE5-0072064512BC\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/29/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/29/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/29/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/28\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/31\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/06/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/07/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/07/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/08/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/18/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://copy.fail\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/260001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/theori-io/copy-fail-CVE-2026-31431\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\"]},{\"url\":\"https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://xint.io/blog/copy-fail-linux-distributions#the-fix-6\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/29/23\"}, {\"url\": \"https://copy.fail\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/29/25\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/29/26\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/11\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/15\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/16\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/17\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/18\"}, {\"url\": \"https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/20\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/15\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/16\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/17\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/18\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/22\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/23\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/24\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/7\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/8\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/15\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/16\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/17\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/18\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/19\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/20\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/21\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/23\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/24\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/25\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/13\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/11\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/13\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/8\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/9\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/24\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/27\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/28\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/29\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/31\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/06/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/07/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/07/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/08/13\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/260001\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/18/3\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-05-18T17:44:54.264Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T12:09:03.910Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-31431\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-01T18:01:42.445834Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-05-01\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431\"}}}], \"references\": [{\"url\": \"https://github.com/theori-io/copy-fail-CVE-2026-31431\", \"tags\": [\"exploit\"]}, {\"url\": \"https://xint.io/blog/copy-fail-linux-distributions#the-fix-6\", \"tags\": [\"mitigation\"]}, {\"url\": \"https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/\", \"tags\": [\"mitigation\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation\", \"tags\": [\"mitigation\"]}, {\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-669\", \"description\": \"CWE-669 Incorrect Resource Transfer Between Spheres\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-29T19:36:12.411Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-01T00:00:00.000Z\", \"value\": \"CVE-2026-31431 added to CISA KEV\"}]}], \"cna\": {\"title\": \"crypto: algif_aead - Revert to operating out-of-place\", \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}], \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"893d22e0135fa394db81df88697fba6032747667\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"19d43105a97be0810edbda875f2cd03f30dc130c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"961cfa271a918ad4ae452420e7c303149002875b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"3115af9644c342b356f3f07a4dd1c8905cd9a6fc\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"8b88d99341f139e23bdeb1027a2a3ae10d341d82\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"ce42ee423e58dffa5ec03524054c9d8bfd4f6237\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5\", \"versionType\": \"git\"}], \"programFiles\": [\"crypto/af_alg.c\", \"crypto/algif_aead.c\", \"crypto/algif_skcipher.c\", \"include/crypto/if_alg.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.14\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.14\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.254\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.204\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.170\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.137\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.85\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.18.22\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.18.*\"}, {\"status\": \"unaffected\", \"version\": \"6.19.12\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.19.*\"}, {\"status\": \"unaffected\", \"version\": \"7.0\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"crypto/af_alg.c\", \"crypto/algif_aead.c\", \"crypto/algif_skcipher.c\", \"include/crypto/if_alg.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667\"}, {\"url\": \"https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c\"}, {\"url\": \"https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b\"}, {\"url\": \"https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc\"}, {\"url\": \"https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82\"}, {\"url\": \"https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8\"}, {\"url\": \"https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237\"}, {\"url\": \"https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: algif_aead - Revert to operating out-of-place\\n\\nThis mostly reverts commit 72548b093ee3 except for the copying of\\nthe associated data.\\n\\nThere is no benefit in operating in-place in algif_aead since the\\nsource and destination come from different mappings. Get rid of\\nall the complexity added for in-place operation and just copy the\\nAD directly.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.254\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.204\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.170\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.137\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.85\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.18.22\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.19.12\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.0\", \"versionStartIncluding\": \"4.14\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T22:08:34.612Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-31431\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-18T17:44:54.264Z\", \"dateReserved\": \"2026-03-09T15:48:24.089Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2026-04-22T08:15:10.123Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…