CVE-2026-31431
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-05-15.
17 articles across 13 outlets · first covered Apr 30, 2026 · latest May 27, 2026
Tracked incidents
Associated threat actors
Coverage timeline
-
Moxa Linux Flaw Lets Local Users Gain Root Access via Dirty Fragsecurityonline.info · May 27, 2026
-
Linux Kernel Flaw Lets Attackers Gain Root via Copy Fail Exploitwww.elastic.co · May 9, 2026
-
Linux Kernel Flaw Lets Users Gain Root via Page Cache Corruptionisc.sans.edu · May 8, 2026
-
Dirty Frag kernel bug enables local root via chained exploitsthehackernews.com · May 8, 2026
-
CVE-2026-31431: Linux Kernel Flaw Enables Root via Simple Scriptunit42.paloaltonetworks.com · May 5, 2026
-
Hacker News Weekly: Exploits Outpace Patches, Systems at Risk.thehackernews.com · May 4, 2026
-
CISA flags Linux kernel CVE-2026-31431, urgent patch by May 15securityaffairs.com · May 4, 2026
-
CISA Warns of Active Exploitation of Linux Kernel Copy Fail Flawwww.securityweek.com · May 4, 2026
-
CISA flags CVE-2026-31431 Linux kernel flaw under active attackthehackernews.com · May 3, 2026
-
Microsoft warns CVE-2026-31431 lets Linux users get root in cloudwww.microsoft.com · May 2, 2026
-
CISA Flags Linux Kernel Flaw CVE-2026-31431 in KEV Catalogwww.cisa.gov · May 1, 2026
-
CISA Adds CVE-2026-31431 to Known Exploited Vulnerabilities Cataloguecisa.gov · May 1, 2026
-
AI tool finds 2017 Linux kernel zero day CVE-2026-31431www.infosecurity-magazine.com · May 1, 2026
-
Nine year old Linux bug CVE-2026-31431 lets users gain rootwww.darkreading.com · Apr 30, 2026
-
CopyFail Exploit Goes Public, Puts Linux Systems at Root Riskarstechnica.com · Apr 30, 2026
-
Linux Kernel Bug CVE-2026-31431 Lets Users Gain Rootsecurityaffairs.com · Apr 30, 2026
-
‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeoverwww.securityweek.com · Apr 30, 2026