Description
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
CISA Known Exploited Vulnerability
Date added 2026-05-01 | Due date 2026-05-15
"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Product status
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before 893d22e0135fa394db81df88697fba6032747667
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before 19d43105a97be0810edbda875f2cd03f30dc130c
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before 961cfa271a918ad4ae452420e7c303149002875b
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before 3115af9644c342b356f3f07a4dd1c8905cd9a6fc
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before 8b88d99341f139e23bdeb1027a2a3ae10d341d82
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before ce42ee423e58dffa5ec03524054c9d8bfd4f6237
72548b093ee38a6d4f2a19e6ef1948ae05c181f7 (git) before a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5
4.14
Any version before 4.14
5.10.254 (semver)
5.15.204 (semver)
6.1.170 (semver)
6.6.137 (semver)
6.12.85 (semver)
6.18.22 (semver)
6.19.12 (semver)
7.0 (original_commit_for_fix)
References
github.com/theori-io/copy-fail-CVE-2026-31431
xint.io/blog/copy-fail-linux-distributions
lore.kernel.org/...ce/2026042214-CVE-2026-31431-3d65@gregkh/
access.redhat.com/security/cve/cve-2026-31431
www.cisa.gov/...erabilities-catalog?field_cve=CVE-2026-31431
www.openwall.com/lists/oss-security/2026/04/29/23
www.openwall.com/lists/oss-security/2026/04/29/25
www.openwall.com/lists/oss-security/2026/04/29/26
www.openwall.com/lists/oss-security/2026/04/30/2
www.openwall.com/lists/oss-security/2026/04/30/5
www.openwall.com/lists/oss-security/2026/04/30/6
www.openwall.com/lists/oss-security/2026/04/30/10
www.openwall.com/lists/oss-security/2026/04/30/11
www.openwall.com/lists/oss-security/2026/04/30/12
www.openwall.com/lists/oss-security/2026/04/30/14
www.openwall.com/lists/oss-security/2026/04/30/15
www.openwall.com/lists/oss-security/2026/04/30/16
www.openwall.com/lists/oss-security/2026/04/30/17
www.openwall.com/lists/oss-security/2026/04/30/18
websec.net/...e-cache-write-to-root-69f38a4ccddd2db1f520f170
www.openwall.com/lists/oss-security/2026/04/30/20
www.openwall.com/lists/oss-security/2026/05/01/2
www.openwall.com/lists/oss-security/2026/05/01/3
www.openwall.com/lists/oss-security/2026/05/01/10
www.openwall.com/lists/oss-security/2026/05/01/12
www.openwall.com/lists/oss-security/2026/05/01/15
www.openwall.com/lists/oss-security/2026/05/01/16
www.openwall.com/lists/oss-security/2026/05/01/17
www.openwall.com/lists/oss-security/2026/05/01/18
www.openwall.com/lists/oss-security/2026/05/01/22
www.openwall.com/lists/oss-security/2026/05/01/23
www.openwall.com/lists/oss-security/2026/05/01/24
www.openwall.com/lists/oss-security/2026/05/02/4
www.openwall.com/lists/oss-security/2026/05/02/5
www.openwall.com/lists/oss-security/2026/05/02/6
www.openwall.com/lists/oss-security/2026/05/02/7
www.openwall.com/lists/oss-security/2026/05/02/8
www.openwall.com/lists/oss-security/2026/05/02/14
www.openwall.com/lists/oss-security/2026/05/02/15
www.openwall.com/lists/oss-security/2026/05/02/16
www.openwall.com/lists/oss-security/2026/05/02/17
www.openwall.com/lists/oss-security/2026/05/02/18
www.openwall.com/lists/oss-security/2026/05/02/19
www.openwall.com/lists/oss-security/2026/05/02/20
www.openwall.com/lists/oss-security/2026/05/02/21
www.openwall.com/lists/oss-security/2026/05/02/23
www.openwall.com/lists/oss-security/2026/05/02/24
www.openwall.com/lists/oss-security/2026/05/02/25
www.openwall.com/lists/oss-security/2026/05/03/3
www.openwall.com/lists/oss-security/2026/05/03/4
www.openwall.com/lists/oss-security/2026/05/03/10
www.openwall.com/lists/oss-security/2026/05/03/5
www.openwall.com/lists/oss-security/2026/05/03/6
www.openwall.com/lists/oss-security/2026/05/03/12
www.openwall.com/lists/oss-security/2026/05/03/13
www.openwall.com/lists/oss-security/2026/05/04/1
www.openwall.com/lists/oss-security/2026/05/04/2
www.openwall.com/lists/oss-security/2026/05/04/10
www.openwall.com/lists/oss-security/2026/05/04/11
www.openwall.com/lists/oss-security/2026/05/04/12
www.openwall.com/lists/oss-security/2026/05/04/13
www.openwall.com/lists/oss-security/2026/05/04/14
www.openwall.com/lists/oss-security/2026/05/04/8
www.openwall.com/lists/oss-security/2026/05/04/9
www.openwall.com/lists/oss-security/2026/05/04/24
www.openwall.com/lists/oss-security/2026/05/04/27
www.openwall.com/lists/oss-security/2026/05/04/28
www.openwall.com/lists/oss-security/2026/05/04/29
www.openwall.com/lists/oss-security/2026/05/04/31
www.openwall.com/lists/oss-security/2026/05/06/5
www.openwall.com/lists/oss-security/2026/05/07/2
www.openwall.com/lists/oss-security/2026/05/07/12
www.openwall.com/lists/oss-security/2026/05/08/13
www.kb.cert.org/vuls/id/260001
cert-portal.siemens.com/productcert/html/ssa-265688.html
cert-portal.siemens.com/productcert/html/ssa-082556.html
git.kernel.org/...c/893d22e0135fa394db81df88697fba6032747667
git.kernel.org/...c/19d43105a97be0810edbda875f2cd03f30dc130c
git.kernel.org/...c/961cfa271a918ad4ae452420e7c303149002875b
git.kernel.org/...c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc
git.kernel.org/...c/8b88d99341f139e23bdeb1027a2a3ae10d341d82
git.kernel.org/...c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8
git.kernel.org/...c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237
git.kernel.org/...c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5