CVE-2026-31431
HIGH
7,8
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Description
AI Translation Available
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to operating out-of-place
This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.
There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0123
Percentile
0,8th
Updated
EPSS Score Trend (Last 4 Days)
669
Incorrect Resource Transfer Between Spheres
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Potential Impacts:
Read Application Data
Modify Application Data
Unexpected State
Applicable Platforms
All platforms may be affected
Operating System
Ubuntu Linux by Canonical
CPE Identifier
View Detailed Analysis
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.19
(inclusive)
To
6.19.12
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Suse Linux by Suse
CPE Identifier
View Detailed Analysis
cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
4.14
(inclusive)
To
5.10.254
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.2
(inclusive)
To
6.6.137
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:10.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Openshift Container Platform by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Amazon Linux by Amazon
CPE Identifier
View Detailed Analysis
cpe:2.3:o:amazon:amazon_linux:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.13
(inclusive)
To
6.18.22
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
5.16
(inclusive)
To
6.1.170
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
6.7
(inclusive)
To
6.12.85
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Enterprise Linux by Redhat
CPE Identifier
View Detailed Analysis
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Linux Kernel by Linux
Version Range Affected
From
5.11
(inclusive)
To
5.15.204
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation
https://github.com/theori-io/copy-fail-CVE-2026-31431
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregk…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026…
https://xint.io/blog/copy-fail-linux-distributions#the-fix-6
https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c
https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc
https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667
https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82
https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b
https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5
https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237
https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8
https://copy.fail
https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root…
http://www.openwall.com/lists/oss-security/2026/04/29/23
http://www.openwall.com/lists/oss-security/2026/04/29/25
http://www.openwall.com/lists/oss-security/2026/04/29/26
http://www.openwall.com/lists/oss-security/2026/04/30/10
http://www.openwall.com/lists/oss-security/2026/04/30/11
http://www.openwall.com/lists/oss-security/2026/04/30/12
http://www.openwall.com/lists/oss-security/2026/04/30/14
http://www.openwall.com/lists/oss-security/2026/04/30/15
http://www.openwall.com/lists/oss-security/2026/04/30/16
http://www.openwall.com/lists/oss-security/2026/04/30/17
http://www.openwall.com/lists/oss-security/2026/04/30/18
http://www.openwall.com/lists/oss-security/2026/04/30/2
http://www.openwall.com/lists/oss-security/2026/04/30/20
http://www.openwall.com/lists/oss-security/2026/04/30/5
http://www.openwall.com/lists/oss-security/2026/04/30/6
http://www.openwall.com/lists/oss-security/2026/05/01/10
http://www.openwall.com/lists/oss-security/2026/05/01/12
http://www.openwall.com/lists/oss-security/2026/05/01/15
http://www.openwall.com/lists/oss-security/2026/05/01/16
http://www.openwall.com/lists/oss-security/2026/05/01/17
http://www.openwall.com/lists/oss-security/2026/05/01/18
http://www.openwall.com/lists/oss-security/2026/05/01/2
http://www.openwall.com/lists/oss-security/2026/05/01/22
http://www.openwall.com/lists/oss-security/2026/05/01/23
http://www.openwall.com/lists/oss-security/2026/05/01/24
http://www.openwall.com/lists/oss-security/2026/05/01/3
http://www.openwall.com/lists/oss-security/2026/05/02/14
http://www.openwall.com/lists/oss-security/2026/05/02/15
http://www.openwall.com/lists/oss-security/2026/05/02/16
http://www.openwall.com/lists/oss-security/2026/05/02/17
http://www.openwall.com/lists/oss-security/2026/05/02/18
http://www.openwall.com/lists/oss-security/2026/05/02/19
http://www.openwall.com/lists/oss-security/2026/05/02/20
http://www.openwall.com/lists/oss-security/2026/05/02/21
http://www.openwall.com/lists/oss-security/2026/05/02/23
http://www.openwall.com/lists/oss-security/2026/05/02/24
http://www.openwall.com/lists/oss-security/2026/05/02/25
http://www.openwall.com/lists/oss-security/2026/05/02/4
http://www.openwall.com/lists/oss-security/2026/05/02/5
http://www.openwall.com/lists/oss-security/2026/05/02/6
http://www.openwall.com/lists/oss-security/2026/05/02/7
http://www.openwall.com/lists/oss-security/2026/05/02/8
http://www.openwall.com/lists/oss-security/2026/05/03/10
http://www.openwall.com/lists/oss-security/2026/05/03/12
http://www.openwall.com/lists/oss-security/2026/05/03/13
http://www.openwall.com/lists/oss-security/2026/05/03/3
http://www.openwall.com/lists/oss-security/2026/05/03/4
http://www.openwall.com/lists/oss-security/2026/05/03/5
http://www.openwall.com/lists/oss-security/2026/05/03/6
http://www.openwall.com/lists/oss-security/2026/05/04/1
http://www.openwall.com/lists/oss-security/2026/05/04/10
http://www.openwall.com/lists/oss-security/2026/05/04/11
http://www.openwall.com/lists/oss-security/2026/05/04/12
http://www.openwall.com/lists/oss-security/2026/05/04/13
http://www.openwall.com/lists/oss-security/2026/05/04/14
http://www.openwall.com/lists/oss-security/2026/05/04/2
http://www.openwall.com/lists/oss-security/2026/05/04/24
http://www.openwall.com/lists/oss-security/2026/05/04/27
http://www.openwall.com/lists/oss-security/2026/05/04/28
http://www.openwall.com/lists/oss-security/2026/05/04/29
http://www.openwall.com/lists/oss-security/2026/05/04/31
http://www.openwall.com/lists/oss-security/2026/05/04/8
http://www.openwall.com/lists/oss-security/2026/05/04/9
http://www.openwall.com/lists/oss-security/2026/05/06/5