CVE-2026-31431NVD

Vulnerability Summary

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.

There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.

Severity Level

HIGH(7.8)

Published Date

Apr 22, 2026

Last Modified

May 21, 2026

Exploitation Status

ACTIVE

EPSS Score (30-Day)

94.02%Probability

Root Weakness (CWE)

CWE-669: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c
https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc
https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667
https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82
https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b
https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5
https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237
https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8
http://www.openwall.com/lists/oss-security/2026/04/29/23
http://www.openwall.com/lists/oss-security/2026/04/29/25
http://www.openwall.com/lists/oss-security/2026/04/29/26
http://www.openwall.com/lists/oss-security/2026/04/30/10
http://www.openwall.com/lists/oss-security/2026/04/30/11
http://www.openwall.com/lists/oss-security/2026/04/30/12
http://www.openwall.com/lists/oss-security/2026/04/30/14
http://www.openwall.com/lists/oss-security/2026/04/30/15
http://www.openwall.com/lists/oss-security/2026/04/30/16
http://www.openwall.com/lists/oss-security/2026/04/30/17
http://www.openwall.com/lists/oss-security/2026/04/30/18
http://www.openwall.com/lists/oss-security/2026/04/30/2
http://www.openwall.com/lists/oss-security/2026/04/30/20
http://www.openwall.com/lists/oss-security/2026/04/30/5
http://www.openwall.com/lists/oss-security/2026/04/30/6
http://www.openwall.com/lists/oss-security/2026/05/01/10
http://www.openwall.com/lists/oss-security/2026/05/01/12
http://www.openwall.com/lists/oss-security/2026/05/01/15
http://www.openwall.com/lists/oss-security/2026/05/01/16
http://www.openwall.com/lists/oss-security/2026/05/01/17
http://www.openwall.com/lists/oss-security/2026/05/01/18
http://www.openwall.com/lists/oss-security/2026/05/01/2
http://www.openwall.com/lists/oss-security/2026/05/01/22
http://www.openwall.com/lists/oss-security/2026/05/01/23
http://www.openwall.com/lists/oss-security/2026/05/01/24
http://www.openwall.com/lists/oss-security/2026/05/01/3
http://www.openwall.com/lists/oss-security/2026/05/02/14
http://www.openwall.com/lists/oss-security/2026/05/02/15
http://www.openwall.com/lists/oss-security/2026/05/02/16
http://www.openwall.com/lists/oss-security/2026/05/02/17
http://www.openwall.com/lists/oss-security/2026/05/02/18
http://www.openwall.com/lists/oss-security/2026/05/02/19
http://www.openwall.com/lists/oss-security/2026/05/02/20
http://www.openwall.com/lists/oss-security/2026/05/02/21
http://www.openwall.com/lists/oss-security/2026/05/02/23
http://www.openwall.com/lists/oss-security/2026/05/02/24
http://www.openwall.com/lists/oss-security/2026/05/02/25
http://www.openwall.com/lists/oss-security/2026/05/02/4
http://www.openwall.com/lists/oss-security/2026/05/02/5
http://www.openwall.com/lists/oss-security/2026/05/02/6
http://www.openwall.com/lists/oss-security/2026/05/02/7
http://www.openwall.com/lists/oss-security/2026/05/02/8
http://www.openwall.com/lists/oss-security/2026/05/03/10
http://www.openwall.com/lists/oss-security/2026/05/03/12
http://www.openwall.com/lists/oss-security/2026/05/03/13
http://www.openwall.com/lists/oss-security/2026/05/03/3
http://www.openwall.com/lists/oss-security/2026/05/03/4
http://www.openwall.com/lists/oss-security/2026/05/03/5
http://www.openwall.com/lists/oss-security/2026/05/03/6
http://www.openwall.com/lists/oss-security/2026/05/04/1
http://www.openwall.com/lists/oss-security/2026/05/04/10
http://www.openwall.com/lists/oss-security/2026/05/04/11
http://www.openwall.com/lists/oss-security/2026/05/04/12
http://www.openwall.com/lists/oss-security/2026/05/04/13
http://www.openwall.com/lists/oss-security/2026/05/04/14
http://www.openwall.com/lists/oss-security/2026/05/04/2
http://www.openwall.com/lists/oss-security/2026/05/04/24
http://www.openwall.com/lists/oss-security/2026/05/04/27
http://www.openwall.com/lists/oss-security/2026/05/04/28
http://www.openwall.com/lists/oss-security/2026/05/04/29
http://www.openwall.com/lists/oss-security/2026/05/04/31
http://www.openwall.com/lists/oss-security/2026/05/04/8
http://www.openwall.com/lists/oss-security/2026/05/04/9
http://www.openwall.com/lists/oss-security/2026/05/06/5
http://www.openwall.com/lists/oss-security/2026/05/07/12
http://www.openwall.com/lists/oss-security/2026/05/07/2
http://www.openwall.com/lists/oss-security/2026/05/08/13
http://www.openwall.com/lists/oss-security/2026/05/18/3
https://copy.fail
https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170
https://www.kb.cert.org/vuls/id/260001
https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
https://github.com/theori-io/copy-fail-CVE-2026-31431
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431
https://xint.io/blog/copy-fail-linux-distributions#the-fix-6