crypto: algif_aead - Revert to operating out-of-place
Summary
| CVE | CVE-2026-31431 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-04-22 09:16:21 UTC |
| Updated | 2026-05-21 19:52:35 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. |
Risk And Classification
Primary CVSS: v3.1 7.8 HIGH from 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.026780000 probability, percentile 0.862150000 (date 2026-06-12)
CISA KEV: Listed on 2026-05-01; due 2026-05-15; ransomware use Unknown
Problem Types: CWE-669 | CWE-669 CWE-669 Incorrect Resource Transfer Between Spheres
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Secondary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | CNA | DECLARED | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA Known Exploited Vulnerability
| Vendor | Linux |
|---|---|
| Product | Kernel |
| Name | Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability |
| Required Action | "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| Notes | https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 893d22e0135fa394db81df88697fba6032747667 git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 19d43105a97be0810edbda875f2cd03f30dc130c git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 961cfa271a918ad4ae452420e7c303149002875b git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 3115af9644c342b356f3f07a4dd1c8905cd9a6fc git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 8b88d99341f139e23bdeb1027a2a3ae10d341d82 git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 ce42ee423e58dffa5ec03524054c9d8bfd4f6237 git | Not specified |
| CNA | Linux | Linux | affected 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 git | Not specified |
| CNA | Linux | Linux | affected 4.14 | Not specified |
| CNA | Linux | Linux | unaffected 4.14 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.10.254 5.10.* semver | Not specified |
| CNA | Linux | Linux | unaffected 5.15.204 5.15.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.170 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.137 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.85 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.22 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.19.12 6.19.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0 * original_commit_for_fix | Not specified |
| ADP | Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP | affected V3.1.5 * custom | Not specified |
| ADP | Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP | affected V3.1.5 * custom | Not specified |
| ADP | Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | affected V3.1.5 * custom | Not specified |
| ADP | Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | affected V3.1.5 * custom | Not specified |
| ADP | Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux Subsystem | affected * custom | Not specified |
| ADP | Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP | affected V3.1.5 * custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/05/08/13 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/05/04/27 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/9 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/16 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/24 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/05/07/2 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| copy.fail | af854a3a-2127-422b-91ae-364da2661108 | copy.fail | Exploit |
| www.openwall.com/lists/oss-security/2026/05/02/17 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/8 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/29/23 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Exploit, Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/02/14 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/20 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| cert-portal.siemens.com/productcert/html/ssa-082556.html | 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | cert-portal.siemens.com | Third Party Advisory |
| www.openwall.com/lists/oss-security/2026/04/30/18 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Exploit, Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/15 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/24 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/04/29/25 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/02/6 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/05/01/18 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/7 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| cert-portal.siemens.com/productcert/html/ssa-265688.html | 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | cert-portal.siemens.com | Third Party Advisory |
| www.openwall.com/lists/oss-security/2026/05/02/4 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/07/12 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/23 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| xint.io/blog/copy-fail-linux-distributions | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | xint.io | Exploit, Patch, Third Party Advisory |
| www.cisa.gov/known-exploited-vulnerabilities-catalog | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | www.cisa.gov | US Government Resource |
| www.openwall.com/lists/oss-security/2026/05/02/5 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/22 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/29/26 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Exploit, Mailing List, Patch |
| websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-... | af854a3a-2127-422b-91ae-364da2661108 | websec.net | Exploit, Third Party Advisory |
| www.kb.cert.org/vuls/id/260001 | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | Third Party Advisory |
| www.openwall.com/lists/oss-security/2026/05/03/13 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/15 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/6 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/1 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/03/6 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/03/12 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/12 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | lore.kernel.org | Vendor Advisory |
| www.openwall.com/lists/oss-security/2026/05/04/2 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/3 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/16 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/5 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Exploit, Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/03/5 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/05/04/31 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/25 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/14 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/11 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/01/17 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/2 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/8 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/03/10 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/24 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/10 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/03/4 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/06/5 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/03/3 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/01/10 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/23 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/12 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/17 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/16 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/04/13 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| access.redhat.com/security/cve/cve-2026-31431 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | access.redhat.com | Third Party Advisory |
| www.openwall.com/lists/oss-security/2026/04/30/2 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/29 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/18 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| github.com/theori-io/copy-fail-CVE-2026-31431 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | github.com | Exploit |
| www.openwall.com/lists/oss-security/2026/05/01/12 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/04/10 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/15 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/02/21 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | Patch |
| www.openwall.com/lists/oss-security/2026/05/04/28 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/19 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/18/3 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/04/30/14 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch |
| www.openwall.com/lists/oss-security/2026/05/04/11 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| www.openwall.com/lists/oss-security/2026/05/02/20 | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| ADP | 2026-05-01T00:00:00.000Z | CVE-2026-31431 added to CISA KEV |
There are currently no legacy QID mappings associated with this CVE.