Vulnerability-Lookup

CVE-2026-31431 (GCVE-0-2026-31431)

Vulnerability from cvelistv5 – Published: 2026-04-22 08:15 – Updated: 2026-05-04 03:05

CISA KEV CIRCL

Title

crypto: algif_aead - Revert to operating out-of-place

Summary

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-669 - Incorrect Resource Transfer Between Spheres

Assigner

Linux

References

URL

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: ff00c791-06de-48b9-8f44-1f3913c1dae2

Vulnerability ID: CVE-2026-31431

Status: Confirmed

Status Updated: 2026-05-01 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2026-05-01

Asserted: 2026-05-01

Scope

Notes: KEV entry: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability | Affected: Linux / Kernel | Description: Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation. | Required action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-05-15 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-699
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Kernel
Due Date	2026-05-15
Date Added	2026-05-01
Vendorproject	Linux
Vulnerabilityname	Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2026-31431

Created: 2026-05-01 19:00 UTC | Updated: 2026-05-01 19:00 UTC

CIRCL

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 3e01e7d3-c2be-4035-865c-115c5aef1b92

Vulnerability ID: CVE-2026-31431

Status: Confirmed

Status Updated: 2026-05-04 07:19 UTC

Exploited: Yes

Alternative IDs:
[]

Characteristics

Remote Code Execution: No

Authentication Required: Yes

Local Access Required: Yes

Timestamps

First Seen: 2026-05-02

Asserted: 2026-05-04

Last Seen: 2026-05-04

Evidence

Type: Incident Response

Signal: Successful Exploitation

Source: Host logs

Details

Note	Seen exploited on a system giving shell access to users.

Created: 2026-05-04 07:19 UTC | Updated: 2026-05-04 07:19 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-31431",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-05-01",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-669",
                "description": "CWE-669 Incorrect Resource Transfer Between Spheres",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-02T03:55:23.146Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/theori-io/copy-fail-CVE-2026-31431"
          },
          {
            "tags": [
              "mitigation"
            ],
            "url": "https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"
          },
          {
            "tags": [
              "mitigation"
            ],
            "url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"
          },
          {
            "tags": [
              "mitigation"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation"
          },
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-01T00:00:00.000Z",
            "value": "CVE-2026-31431 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-05-04T03:05:27.900Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/29/23"
          },
          {
            "url": "https://copy.fail"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/29/25"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/29/26"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/11"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/15"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/16"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/17"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/18"
          },
          {
            "url": "https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/20"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/3"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/15"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/16"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/17"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/18"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/22"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/23"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/24"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/4"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/7"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/8"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/15"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/16"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/17"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/18"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/19"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/20"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/21"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/23"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/24"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/25"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/3"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/4"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/13"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "crypto/af_alg.c",
            "crypto/algif_aead.c",
            "crypto/algif_skcipher.c",
            "include/crypto/if_alg.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "893d22e0135fa394db81df88697fba6032747667",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "19d43105a97be0810edbda875f2cd03f30dc130c",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "961cfa271a918ad4ae452420e7c303149002875b",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "3115af9644c342b356f3f07a4dd1c8905cd9a6fc",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "8b88d99341f139e23bdeb1027a2a3ae10d341d82",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "ce42ee423e58dffa5ec03524054c9d8bfd4f6237",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "crypto/af_alg.c",
            "crypto/algif_aead.c",
            "crypto/algif_skcipher.c",
            "include/crypto/if_alg.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.14"
            },
            {
              "lessThan": "4.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.204",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.170",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.137",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.85",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.254",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.204",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.170",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.137",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.85",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.22",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.12",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-30T09:32:06.731Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667"
        },
        {
          "url": "https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c"
        },
        {
          "url": "https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b"
        },
        {
          "url": "https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82"
        },
        {
          "url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
        },
        {
          "url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
        }
      ],
      "title": "crypto: algif_aead - Revert to operating out-of-place",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-31431",
    "datePublished": "2026-04-22T08:15:10.123Z",
    "dateReserved": "2026-03-09T15:48:24.089Z",
    "dateUpdated": "2026-05-04T03:05:27.900Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2026-31431",
      "cwes": "[\"CWE-699\"]",
      "dateAdded": "2026-05-01",
      "dueDate": "2026-05-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431",
      "product": "Kernel",
      "requiredAction": "\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.",
      "vendorProject": "Linux",
      "vulnerabilityName": "Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability"
    },
    "epss": {
      "cve": "CVE-2026-31431",
      "date": "2026-05-03",
      "epss": "0.03976",
      "percentile": "0.88436"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-31431\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-04-22T09:16:21.270\",\"lastModified\":\"2026-05-04T05:16:00.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: algif_aead - Revert to operating out-of-place\\n\\nThis mostly reverts commit 72548b093ee3 except for the copying of\\nthe associated data.\\n\\nThere is no benefit in operating in-place in algif_aead since the\\nsource and destination come from different mappings.  Get rid of\\nall the complexity added for in-place operation and just copy the\\nAD directly.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2026-05-01\",\"cisaActionDue\":\"2026-05-15\",\"cisaRequiredAction\":\"\\\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability\",\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-669\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"5.10.254\",\"matchCriteriaId\":\"24B62F9A-357D-465D-97EB-2819B1CD663C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.204\",\"matchCriteriaId\":\"FA800016-0012-4E3F-A528-2A7F378A0A4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.170\",\"matchCriteriaId\":\"E6653854-B188-42DD-B8C5-0143F1956AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.137\",\"matchCriteriaId\":\"3CA3EF52-168A-4348-8F5F-356C9EB69261\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.85\",\"matchCriteriaId\":\"F17D292D-A9B5-4DC7-8002-51AB95335606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.22\",\"matchCriteriaId\":\"C9DF8BCE-36D3-475D-9D21-19E4F02F9029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.12\",\"matchCriteriaId\":\"0A2B9540-02D5-41B4-B16A-82AF66FD4F36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F253B622-8837-4245-BCE5-A7BF8FC76A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F666C8D8-6538-46D4-B318-87610DE64C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02259FDA-961B-47BC-AE7F-93D7EC6E90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2315C0-D46F-4F85-9754-F9E5E11374A6\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/29/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/29/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/29/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/30/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/01/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/02/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/03/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://copy.fail\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"},{\"url\":\"https://github.com/theori-io/copy-fail-CVE-2026-31431\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\"]},{\"url\":\"https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"},{\"url\":\"https://xint.io/blog/copy-fail-linux-distributions#the-fix-6\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/29/23\"}, {\"url\": \"https://copy.fail\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/29/25\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/29/26\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/11\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/15\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/16\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/17\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/18\"}, {\"url\": \"https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/30/20\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/15\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/16\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/17\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/18\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/22\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/23\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/01/24\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/7\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/8\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/15\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/16\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/17\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/18\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/19\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/20\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/21\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/23\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/24\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/02/25\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/10\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/03/13\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/04/2\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-05-04T03:05:27.900Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-31431\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-01T18:01:42.445834Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-05-01\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431\"}}}], \"references\": [{\"url\": \"https://github.com/theori-io/copy-fail-CVE-2026-31431\", \"tags\": [\"exploit\"]}, {\"url\": \"https://xint.io/blog/copy-fail-linux-distributions#the-fix-6\", \"tags\": [\"mitigation\"]}, {\"url\": \"https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/\", \"tags\": [\"mitigation\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation\", \"tags\": [\"mitigation\"]}, {\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-669\", \"description\": \"CWE-669 Incorrect Resource Transfer Between Spheres\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-29T19:36:12.411Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-01T00:00:00.000Z\", \"value\": \"CVE-2026-31431 added to CISA KEV\"}]}], \"cna\": {\"title\": \"crypto: algif_aead - Revert to operating out-of-place\", \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}], \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"893d22e0135fa394db81df88697fba6032747667\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"19d43105a97be0810edbda875f2cd03f30dc130c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"961cfa271a918ad4ae452420e7c303149002875b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"3115af9644c342b356f3f07a4dd1c8905cd9a6fc\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"8b88d99341f139e23bdeb1027a2a3ae10d341d82\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"ce42ee423e58dffa5ec03524054c9d8bfd4f6237\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"72548b093ee38a6d4f2a19e6ef1948ae05c181f7\", \"lessThan\": \"a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5\", \"versionType\": \"git\"}], \"programFiles\": [\"crypto/af_alg.c\", \"crypto/algif_aead.c\", \"crypto/algif_skcipher.c\", \"include/crypto/if_alg.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.14\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.14\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.254\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.204\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.170\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.137\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.85\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.18.22\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.18.*\"}, {\"status\": \"unaffected\", \"version\": \"6.19.12\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.19.*\"}, {\"status\": \"unaffected\", \"version\": \"7.0\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"crypto/af_alg.c\", \"crypto/algif_aead.c\", \"crypto/algif_skcipher.c\", \"include/crypto/if_alg.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667\"}, {\"url\": \"https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c\"}, {\"url\": \"https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b\"}, {\"url\": \"https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc\"}, {\"url\": \"https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82\"}, {\"url\": \"https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8\"}, {\"url\": \"https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237\"}, {\"url\": \"https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: algif_aead - Revert to operating out-of-place\\n\\nThis mostly reverts commit 72548b093ee3 except for the copying of\\nthe associated data.\\n\\nThere is no benefit in operating in-place in algif_aead since the\\nsource and destination come from different mappings.  Get rid of\\nall the complexity added for in-place operation and just copy the\\nAD directly.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.254\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.204\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.170\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.137\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.85\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.18.22\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.19.12\", \"versionStartIncluding\": \"4.14\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.0\", \"versionStartIncluding\": \"4.14\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-04-30T09:32:06.731Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-31431\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-04T03:05:27.900Z\", \"dateReserved\": \"2026-03-09T15:48:24.089Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2026-04-22T08:15:10.123Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-2274-3HGR-WXV6

Vulnerability from github – Published: 2026-04-22 09:31 – Updated: 2026-04-22 09:31

Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of the associated data.

There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-31431"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-22T09:16:21Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
  "id": "GHSA-2274-3hgr-wxv6",
  "modified": "2026-04-22T09:31:32Z",
  "published": "2026-04-22T09:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

MSRC_CVE-2026-31431

Vulnerability from csaf_microsoft - Published: 2026-04-02 00:00 - Updated: 2026-05-03 01:01

Summary

crypto: algif_aead - Revert to operating out-of-place

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2026-31431

None Available There is no fix available for this vulnerability as of now

Vendor Fix 0:6.6.137.1-1.azl3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade https://learn.microsoft.com/en-us/azure/azure-lin…

References

URL

FKIE_CVE-2026-31431

Vulnerability from fkie_nvd - Published: 2026-04-22 09:16 - Updated: 2026-04-30 06:16

CISA KEV CIRCL

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/29/23
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/29/25
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/29/26
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/30/2
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/30/5
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/30/6
	af854a3a-2127-422b-91ae-364da2661108	https://copy.fail
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/theori-io/copy-fail-CVE-2026-31431

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly."
    }
  ],
  "id": "CVE-2026-31431",
  "lastModified": "2026-04-30T06:16:16.320",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-04-22T09:16:21.270",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/29/23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/29/25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/29/26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/30/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/30/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/30/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://copy.fail"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/theori-io/copy-fail-CVE-2026-31431"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-669"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

NCSC-2026-0131

Vulnerability from csaf_ncscnl - Published: 2026-05-01 06:13 - Updated: 2026-05-01 06:13

Summary

Kwetsbaarheid verholpen in Linux kernel cryptographic subsystem

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: De Linux kernel heeft een kwetsbaarheid verholpen in de algif_aead crypto module binnen het cryptographic subsystem.

Interpretaties: De kwetsbaarheid bevindt zich in de algif_aead crypto module van de Linux kernel, waar een fout in de in-place operatie optrad wanneer bron- en bestemmingsmappings verschilden. Hiermee is het mogelijk om voor een gebruiker zonder sudo rechten verhoogde privileges te verkrijgen.

Oplossingen: De kernelontwikkelaars hebben de algif_aead-module teruggezet naar een out-of-place-operatie, waarmee de problematische in-place-verwerking is verwijderd. Daarnaast is de complexiteit verminderd door data direct te kopiëren, in plaats van te vertrouwen op de foutgevoelige in-place-methode. Zie de bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-1288: Improper Validation of Consistency within Input

CVE-2026-31431

The Linux kernel's algif_aead crypto module vulnerability was addressed by reverting to out-of-place operation, eliminating incorrect in-place handling that risked data integrity and encrypted communication reliability.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-1288 - Improper Validation of Consistency within Input

References

URL

WID-SEC-W-2026-1232

Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-05-03 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um seine Privilegien zu erhöhen, um einen Denial of Service Zustand oder andere, nicht näher spezifizierte Auswirkungen zu erzielen.

Betroffene Betriebssysteme: - Linux

CVE-2026-31432

CVE-2026-31433

CVE-2026-31431

References

URL

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-31431 (GCVE-0-2026-31431)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

CIRCL

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Characteristics

Timestamps

Evidence

Incident Response Successful Exploitation Source: Host logs

Details

GHSA-2274-3HGR-WXV6

MSRC_CVE-2026-31431

FKIE_CVE-2026-31431

NCSC-2026-0131

WID-SEC-W-2026-1232

Tags

Sightings

Nomenclature