{"id":"CVE-2026-31431","summary":"crypto: algif_aead - Revert to operating out-of-place","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.","modified":"2026-05-13T07:13:49.908751729Z","published":"2026-04-22T08:15:10.123Z","related":["ALSA-2026:13565","ALSA-2026:13566","ALSA-2026:13577","ALSA-2026:13578","ALSA-2026:A001","ALSA-2026:A002","ALSA-2026:A003","CGA-545q-7frg-wp89","SUSE-SU-2026:1669-1","SUSE-SU-2026:1670-1","SUSE-SU-2026:1671-1","SUSE-SU-2026:1671-2","SUSE-SU-2026:1672-1","SUSE-SU-2026:1674-1","SUSE-SU-2026:1675-1","SUSE-SU-2026:1676-1","SUSE-SU-2026:1677-1","SUSE-SU-2026:1678-1","SUSE-SU-2026:1684-1","SUSE-SU-2026:1686-1","SUSE-SU-2026:1689-1","SUSE-SU-2026:1690-1","SUSE-SU-2026:1691-1","SUSE-SU-2026:1694-1","SUSE-SU-2026:1698-1","SUSE-SU-2026:1706-1","SUSE-SU-2026:1708-1","SUSE-SU-2026:1710-1","SUSE-SU-2026:1718-1","SUSE-SU-2026:1724-1","SUSE-SU-2026:1725-1","SUSE-SU-2026:1726-1","SUSE-SU-2026:1728-1","SUSE-SU-2026:1733-1","SUSE-SU-2026:1735-1","SUSE-SU-2026:1736-1","SUSE-SU-2026:1765-1","SUSE-SU-2026:1767-1","SUSE-SU-2026:1768-1","SUSE-SU-2026:1770-1","SUSE-SU-2026:1771-1","SUSE-SU-2026:1773-1","SUSE-SU-2026:1775-1","SUSE-SU-2026:1776-1","SUSE-SU-2026:1780-1","SUSE-SU-2026:1781-1","SUSE-SU-2026:1786-1","SUSE-SU-2026:1787-1","SUSE-SU-2026:1790-1","SUSE-SU-2026:1791-1","SUSE-SU-2026:1792-1","SUSE-SU-2026:1793-1","SUSE-SU-2026:1798-1","SUSE-SU-2026:1801-1","SUSE-SU-2026:1802-1","SUSE-SU-2026:1804-1","SUSE-SU-2026:21421-1","SUSE-SU-2026:21439-1","SUSE-SU-2026:21442-1","SUSE-SU-2026:21443-1","SUSE-SU-2026:21453-1","SUSE-SU-2026:21454-1","SUSE-SU-2026:21463-1","SUSE-SU-2026:21467-1","SUSE-SU-2026:21468-1","SUSE-SU-2026:21469-1","SUSE-SU-2026:21470-1","SUSE-SU-2026:21471-1","SUSE-SU-2026:21472-1","SUSE-SU-2026:21473-1","SUSE-SU-2026:21474-1","SUSE-SU-2026:21475-1","SUSE-SU-2026:21476-1","SUSE-SU-2026:21477-1","SUSE-SU-2026:21478-1","SUSE-SU-2026:21479-1","SUSE-SU-2026:21480-1","SUSE-SU-2026:21481-1","SUSE-SU-2026:21482-1","SUSE-SU-2026:21483-1","SUSE-SU-2026:21484-1","SUSE-SU-2026:21485-1","SUSE-SU-2026:21486-1","SUSE-SU-2026:21487-1","SUSE-SU-2026:21488-1","SUSE-SU-2026:21489-1","SUSE-SU-2026:21491-1","SUSE-SU-2026:21494-1","SUSE-SU-2026:21495-1","SUSE-SU-2026:21496-1","SUSE-SU-2026:21497-1","SUSE-SU-2026:21498-1","SUSE-SU-2026:21499-1","SUSE-SU-2026:21500-1","SUSE-SU-2026:21501-1","SUSE-SU-2026:21502-1","SUSE-SU-2026:21503-1","SUSE-SU-2026:21504-1","SUSE-SU-2026:21505-1","SUSE-SU-2026:21506-1","SUSE-SU-2026:21507-1","SUSE-SU-2026:21508-1","SUSE-SU-2026:21509-1","SUSE-SU-2026:21510-1","SUSE-SU-2026:21511-1","SUSE-SU-2026:21512-1","SUSE-SU-2026:21513-1","SUSE-SU-2026:21514-1","SUSE-SU-2026:21515-1","SUSE-SU-2026:21516-1","SUSE-SU-2026:21517-1","SUSE-SU-2026:21519-1","SUSE-SU-2026:21520-1","SUSE-SU-2026:21521-1","SUSE-SU-2026:21522-1","SUSE-SU-2026:21523-1","SUSE-SU-2026:21524-1","SUSE-SU-2026:21525-1","SUSE-SU-2026:21526-1","SUSE-SU-2026:21527-1","SUSE-SU-2026:21528-1","SUSE-SU-2026:21529-1","SUSE-SU-2026:21530-1","SUSE-SU-2026:21531-1","SUSE-SU-2026:21532-1","SUSE-SU-2026:21533-1","SUSE-SU-2026:21554-1","SUSE-SU-2026:21555-1","SUSE-SU-2026:21556-1","SUSE-SU-2026:21557-1","SUSE-SU-2026:21558-1","SUSE-SU-2026:21562-1","SUSE-SU-2026:21563-1","openSUSE-SU-2026:10734-1","openSUSE-SU-2026:20665-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31431.json"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/29/23"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/29/25"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/29/26"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/10"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/11"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/12"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/14"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/15"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/16"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/17"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/18"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/20"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/5"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/04/30/6"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/10"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/12"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/15"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/16"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/17"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/18"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/22"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/23"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/24"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/01/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/14"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/15"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/16"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/17"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/18"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/19"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/20"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/21"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/23"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/24"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/25"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/4"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/5"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/6"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/7"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/02/8"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/10"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/12"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/13"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/4"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/5"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/03/6"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/10"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/11"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/12"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/13"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/14"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/24"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/27"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/28"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/29"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/31"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/8"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/04/9"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/06/5"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/07/12"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/07/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/08/13"},{"type":"WEB","url":"https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation"},{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"},{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"type":"WEB","url":"https://copy.fail"},{"type":"WEB","url":"https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82"},{"type":"WEB","url":"https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"},{"type":"WEB","url":"https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"},{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"},{"type":"WEB","url":"https://www.kb.cert.org/vuls/id/260001"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31431.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31431"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"ARTICLE","url":"https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170"},{"type":"ARTICLE","url":"https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"},{"type":"EVIDENCE","url":"https://github.com/theori-io/copy-fail-CVE-2026-31431"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"72548b093ee38a6d4f2a19e6ef1948ae05c181f7"},{"fixed":"893d22e0135fa394db81df88697fba6032747667"},{"fixed":"19d43105a97be0810edbda875f2cd03f30dc130c"},{"fixed":"961cfa271a918ad4ae452420e7c303149002875b"},{"fixed":"3115af9644c342b356f3f07a4dd1c8905cd9a6fc"},{"fixed":"8b88d99341f139e23bdeb1027a2a3ae10d341d82"},{"fixed":"fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"},{"fixed":"ce42ee423e58dffa5ec03524054c9d8bfd4f6237"},{"fixed":"a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31431.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.14.0"},{"fixed":"5.10.254"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.204"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.170"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.137"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.85"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.22"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.12"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31431.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}