CVE-2026-31431

7.8 HIGH CISA KEV - Actively Exploited

Published: April 22, 2026 Modified: May 03, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

http://www.openwall.com/lists/oss-security/2026/04/29/23

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/29/25

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/29/26

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/10

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/11

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/12

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/14

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/15

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/16

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/17

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://www.openwall.com/lists/oss-security/2026/04/30/18

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Mailing List

http://www.openwall.com/lists/oss-security/2026/04/30/2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://www.openwall.com/lists/oss-security/2026/04/30/20

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://www.openwall.com/lists/oss-security/2026/04/30/5

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Mailing List Patch

http://www.openwall.com/lists/oss-security/2026/04/30/6

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://www.openwall.com/lists/oss-security/2026/05/01/10

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/12

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/15

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/16

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/17

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/18

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://www.openwall.com/lists/oss-security/2026/05/01/22

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/23

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/24

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/01/3

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

http://www.openwall.com/lists/oss-security/2026/05/02/14

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/15

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/16

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/17

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/18

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/19

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/20

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/21

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/23

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/24

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/25

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/5

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/6

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/7

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/02/8

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/10

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/12

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/13

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/5

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/05/03/6

Source: af854a3a-2127-422b-91ae-364da2661108

https://copy.fail

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Third Party Advisory

https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

https://github.com/theori-io/copy-fail-CVE-2026-31431

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Exploit

https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

https://xint.io/blog/copy-fail-linux-distributions#the-fix-6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

64 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.8 / 10.0

EPSS (Exploit Probability)

4.0%

88th percentile

Exploitation Status

Actively Exploited

Remediation due: 2026-05-15

Weaknesses (CWE)

CWE-669

Affected Vendors

linux

Related CVEs

CVE-2026-7724 5.0

CVE-2026-7723 7.3

CVE-2026-7722 5.3

CVE-2026-7721 6.3

CVE-2026-7720 6.3