Voozh

Vulnerabilities

CVE-2026-31431 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

👁 NIST CVSS score

NIST: NVD

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
http://www.openwall.com/lists/oss-security/2026/04/29/23	CVE	Exploit Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/29/25	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/29/26	CVE	Exploit Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/10	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/11	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/12	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/14	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/15	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/16	CVE	Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/17	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/04/30/18	CVE	Exploit Mailing List
http://www.openwall.com/lists/oss-security/2026/04/30/2	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/04/30/20	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/04/30/5	CVE	Exploit Mailing List Patch
http://www.openwall.com/lists/oss-security/2026/04/30/6	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/10	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/12	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/15	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/16	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/17	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/18	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/2	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/22	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/23	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/24	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/01/3	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/14	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/15	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/16	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/17	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/18	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/19	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/20	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/21	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/23	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/24	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/25	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/4	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/5	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/6	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/7	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/02/8	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/10	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/12	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/13	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/3	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/4	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/5	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/03/6	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/1	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/10	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/11	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/12	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/13	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/14	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/2	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/24	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/27	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/28	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/29	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/31	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/8	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/04/9	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/06/5	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/07/12	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/07/2	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/08/13	CVE	Mailing List
http://www.openwall.com/lists/oss-security/2026/05/18/3	CVE	Mailing List
https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation	CISA-ADP	Third Party Advisory
https://cert-portal.siemens.com/productcert/html/ssa-082556.html	siemens-SADP	Third Party Advisory
https://cert-portal.siemens.com/productcert/html/ssa-265688.html	siemens-SADP	Third Party Advisory
https://copy.fail	CVE	Exploit
https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c	kernel.org	Patch
https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc	kernel.org	Patch
https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667	kernel.org	Patch
https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82	kernel.org	Patch
https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b	kernel.org	Patch
https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5	kernel.org	Patch
https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237	kernel.org	Patch
https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8	kernel.org	Patch
https://github.com/theori-io/copy-fail-CVE-2026-31431	CISA-ADP	Exploit
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/	CISA-ADP	Vendor Advisory
https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170	CVE	Exploit Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431	CISA-ADP	US Government Resource
https://www.kb.cert.org/vuls/id/260001	CVE	Third Party Advisory
https://xint.io/blog/copy-fail-linux-distributions#the-fix-6	CISA-ADP	Exploit Patch Third Party Advisory

This CVE is in CISA's Known Exploited Vulnerabilities Catalog

Reference CISA's BOD 22-01 and Known Exploited Vulnerabilities Catalog for further guidance and requirements.

Vulnerability Name	Date Added	Due Date	Required Action
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability	05/01/2026	05/15/2026	"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-669	Incorrect Resource Transfer Between Spheres	CISA-ADP

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

62 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2026-31431
NVD Published Date:
04/22/2026
NVD Last Modified:
06/17/2026
Source:
kernel.org

URL: https://nvd.nist.gov/vuln/detail/CVE-2026-31431

⇱ NVD - CVE-2026-31431

CVE-2026-31431 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

This CVE is in CISA's Known Exploited Vulnerabilities Catalog

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by siemens-SADP 6/17/2026 6:33:42 AM

CVE Modified by CISA-ADP 6/17/2026 6:33:42 AM

CVE Modified by kernel.org 6/17/2026 6:33:42 AM

Reanalysis by NIST 5/21/2026 3:52:35 PM

Modified Analysis by NIST 5/18/2026 3:39:38 PM

CVE Modified by CVE 5/18/2026 2:17:21 PM

Modified Analysis by NIST 5/12/2026 12:15:00 PM

CVE Modified by siemens-SADP 5/12/2026 9:17:34 AM

Modified Analysis by NIST 5/11/2026 9:27:27 AM

CVE Modified by CVE 5/08/2026 5:16:27 PM

Modified Analysis by NIST 5/08/2026 3:42:29 PM

CVE Modified by CVE 5/08/2026 2:16:33 PM

Modified Analysis by NIST 5/08/2026 8:04:08 AM

CVE Modified by CVE 5/07/2026 11:16:24 PM

Modified Analysis by NIST 5/07/2026 12:13:17 PM

CVE Modified by CVE 5/07/2026 4:16:00 AM

Reanalysis by NIST 5/06/2026 9:53:24 AM

Modified Analysis by NIST 5/06/2026 8:28:41 AM

CVE Modified by CVE 5/06/2026 4:16:03 AM

Modified Analysis by NIST 5/05/2026 8:42:39 AM

CVE Modified by CVE 5/04/2026 9:16:06 PM

CVE Modified by CVE 5/04/2026 5:16:30 PM

CVE Modified by CVE 5/04/2026 4:16:17 PM

CVE Modified by CVE 5/04/2026 3:16:03 PM

CVE Modified by CVE 5/04/2026 2:16:26 PM

Modified Analysis by NIST 5/04/2026 9:24:19 AM

CVE Modified by CVE 5/04/2026 1:16:00 AM

CVE Modified by CVE 5/03/2026 7:16:41 PM

CVE Modified by CVE 5/03/2026 6:16:24 PM

CVE Modified by CVE 5/03/2026 4:16:01 PM

CVE Modified by CVE 5/03/2026 9:16:07 AM

CVE Modified by CVE 5/03/2026 3:16:15 AM

CVE Modified by CVE 5/02/2026 10:17:04 PM

CVE Modified by CVE 5/02/2026 9:15:57 PM

CVE Modified by CVE 5/02/2026 8:16:15 PM

CVE Modified by CVE 5/02/2026 7:16:16 PM

CVE Modified by CVE 5/02/2026 6:16:23 PM

CVE Modified by CVE 5/02/2026 5:16:06 PM

CVE Modified by CVE 5/02/2026 12:16:15 PM

CVE Modified by CVE 5/01/2026 7:16:17 PM

CVE CISA KEV Update by Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government 5/01/2026 6:00:03 PM

CVE Modified by CVE 5/01/2026 5:16:16 PM

CVE Modified by CVE 5/01/2026 4:16:21 PM

CVE Modified by CVE 5/01/2026 3:16:29 PM

CVE Modified by CVE 5/01/2026 2:16:14 PM

CVE Modified by CISA-ADP 5/01/2026 2:16:14 PM

Initial Analysis by NIST 5/01/2026 10:30:00 AM

CVE Modified by CVE 5/01/2026 5:16:16 AM

CVE Modified by CVE 5/01/2026 2:16:31 AM

CVE Modified by CVE 4/30/2026 4:16:23 PM

CVE Modified by CVE 4/30/2026 3:16:08 PM

CVE Modified by CVE 4/30/2026 2:16:27 PM

CVE Modified by CVE 4/30/2026 7:16:20 AM

CVE Modified by kernel.org 4/30/2026 6:16:00 AM

CVE Modified by CVE 4/30/2026 5:16:03 AM

CVE Modified by CVE 4/30/2026 4:16:06 AM

CVE Modified by CVE 4/30/2026 2:16:16 AM

CVE Modified by CVE 4/29/2026 9:16:01 PM

CVE Modified by CVE 4/29/2026 7:16:18 PM

CVE Modified by CISA-ADP 4/29/2026 5:16:20 PM

CVE Modified by kernel.org 4/27/2026 10:16:37 AM

New CVE Received from kernel.org 4/22/2026 5:16:21 AM

Quick Info