Description
In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.

There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.
Published: 2026-04-22
Score: 7.8 High
EPSS: 96.8% High
KEV: Yes
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw lies in the cryptographic helper module ALGIF_AEAD which previously performed an in‑place copy of authentication data. Because the source and destination buffers originate from different memory mappings, the in‑place implementation could race and corrupt kernel memory. This flaw enables a local attacker to overwrite protected kernel structures used by crypto operations, potentially allowing arbitrary code execution or privilege escalation. The vulnerability corresponds to CWE‑1288, indicating a race condition, and CWE‑669, indicating incorrect handling of authentication data.

Affected Systems

Linux kernels older than the revert commit – this includes mainstream distributions such as Ubuntu, Debian, RHEL, SUSE, and other custom builds that use kernel 5.x, 6.x, or 7.x before the patch. Any system still running a kernel that compiles the pre‑revert in‑place algif_aead implementation remains vulnerable.

Risk and Exploitability

The CVSS base score of 7.8 denotes high severity. An EPSS score of 97 % indicates a very high potential for exploitation. The vulnerability is listed in CISA’s KEV catalog, confirming that it has been targeted in the wild. Given these metrics, the flaw should be treated as a top‑priority security issue.

Generated by OpenCVE AI on June 23, 2026 at 17:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that incorporates the revert commit restoring the out‑of‑place copy logic for algif_aead.
  • If an official update is not yet available, obtain and apply the upstream patch from the kernel source to replace the vulnerable helper code.
  • Verify that the kernel configuration does not re‑enable the in‑place operation or reintroduce the old helper logic, and disable any optional crypto modules that expose the vulnerability if not required.
  • Enable kernel hardening options such as CONFIG_CRYPTO_MITIGATION, CONFIG_RANDOMIZE_BASE, or similar to reduce the attack surface.

Generated by OpenCVE AI on June 23, 2026 at 17:16 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4560-1 linux security update
Debian DLA Debian DLA DLA-4561-1 linux-6.1 security update
Debian DSA Debian DSA DSA-6238-1 linux security update
Debian DSA Debian DSA DSA-6243-1 linux security update
Ubuntu USN Ubuntu USN USN-8226-1 kmod update
Ubuntu USN Ubuntu USN USN-8226-2 kmod update
Ubuntu USN Ubuntu USN USN-8277-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8278-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8279-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8280-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8281-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8289-1 Linux kernel (NVIDIA) vulnerabilities
Ubuntu USN Ubuntu USN USN-8277-2 Linux kernel (Oracle) vulnerabilities
Ubuntu USN Ubuntu USN USN-8279-2 Linux kernel (GCP) vulnerabilities
Ubuntu USN Ubuntu USN USN-8280-2 Linux kernel (Azure)vulnerabilities
Ubuntu USN Ubuntu USN USN-8281-2 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-8279-3 Linux kernel (NVIDIA Tegra IGX) vulnerabilities
Ubuntu USN Ubuntu USN USN-8305-1 Linux kernel (Intel IoTG Real-time) vulnerabilities
Ubuntu USN Ubuntu USN USN-8278-2 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-8280-3 Linux kernel (IoT) vulnerabilities
Ubuntu USN Ubuntu USN USN-8305-2 Linux kernel (Low Latency) vulnerabilities
Ubuntu USN Ubuntu USN USN-8310-1 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-8350-1 Linux kernel (NVIDIA Tegra) vulnerabilities
Ubuntu USN Ubuntu USN USN-8351-1 Linux kernel (Low Latency) vulnerabilities
Ubuntu USN Ubuntu USN USN-8374-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8426-1 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-8426-2 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-8440-1 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-8441-1 Linux kernel vulnerabilities
References
Link Providers
http://www.openwall.com/lists/oss-security/2026/04/29/23 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/29/25 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/29/26 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/10 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/11 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/12 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/14 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/15 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/16 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/17 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/18 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/2 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/20 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/5 cve-icon
http://www.openwall.com/lists/oss-security/2026/04/30/6 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/10 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/12 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/15 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/16 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/17 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/18 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/2 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/22 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/23 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/24 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/01/3 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/14 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/15 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/16 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/17 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/18 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/19 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/20 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/21 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/23 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/24 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/25 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/4 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/5 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/6 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/7 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/02/8 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/10 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/12 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/13 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/3 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/4 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/5 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/03/6 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/1 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/10 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/11 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/12 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/13 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/14 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/2 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/24 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/27 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/28 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/29 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/31 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/8 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/04/9 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/06/5 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/07/12 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/07/2 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/08/13 cve-icon
http://www.openwall.com/lists/oss-security/2026/05/18/3 cve-icon
https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation cve-icon cve-icon
https://cert-portal.siemens.com/productcert/html/ssa-082556.html cve-icon
https://cert-portal.siemens.com/productcert/html/ssa-265688.html cve-icon
https://copy.fail cve-icon
https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c cve-icon cve-icon
https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc cve-icon cve-icon
https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667 cve-icon cve-icon
https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82 cve-icon cve-icon
https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b cve-icon cve-icon
https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 cve-icon cve-icon
https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237 cve-icon cve-icon
https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 cve-icon cve-icon
https://github.com/theori-io/copy-fail-CVE-2026-31431 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/ cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-31431 cve-icon
https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170 cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-31431 cve-icon
https://www.kb.cert.org/vuls/id/260001 cve-icon
https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 cve-icon cve-icon
History

Thu, 21 May 2026 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:25.10:*:*:*:-:*:*:*

Mon, 18 May 2026 18:30:00 +0000

Type Values Removed Values Added
References

Tue, 12 May 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Arista
Arista cloudvision Agni
Arista cloudvision Portal
Arista netvisor Os
Arista velocloud Edge
Arista velocloud Gateway
Nixos
Nixos nixos
Siemens
Siemens simatic S7-1500 Cpu 1518-4 Pn\/dp Mfp
Siemens simatic S7-1500 Cpu 1518-4 Pn\/dp Mfp Firmware
Siemens simatic S7-1500 Cpu 1518f-4 Pn\/dp Mfp
Siemens simatic S7-1500 Cpu 1518f-4 Pn\/dp Mfp Firmware
Siemens simatic S7-1500 Tm Mfp
Siemens simatic S7-1500 Tm Mfp Firmware
Siemens siplus S7-1500 Cpu 1518-4 Pn\/dp Mfp
Siemens siplus S7-1500 Cpu 1518-4 Pn\/dp Mfp Firmware
Vmware
Vmware velocloud Orchestrator
CPEs cpe:2.3:a:arista:cloudvision_agni:*:*:*:*:*:-:*:*
cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:arista:velocloud_edge:*:*:*:*:*:*:*:*
cpe:2.3:a:arista:velocloud_gateway:-:*:*:*:*:*:*:*
cpe:2.3:a:vmware:velocloud_orchestrator:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\/dp_mfp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\/dp_mfp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_tm_mfp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\/dp_mfp:-:*:*:*:*:*:*:*
cpe:2.3:o:arista:netvisor_os:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:netvisor_os:7.1.0:-:*:*:*:*:*:*
cpe:2.3:o:arista:netvisor_os:7.1.0:hotfix7:*:*:*:*:*:*
cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\/dp_mfp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\/dp_mfp_firmware:*:*:*:*:*:*:*:*
Vendors & Products Arista
Arista cloudvision Agni
Arista cloudvision Portal
Arista netvisor Os
Arista velocloud Edge
Arista velocloud Gateway
Nixos
Nixos nixos
Siemens
Siemens simatic S7-1500 Cpu 1518-4 Pn\/dp Mfp
Siemens simatic S7-1500 Cpu 1518-4 Pn\/dp Mfp Firmware
Siemens simatic S7-1500 Cpu 1518f-4 Pn\/dp Mfp
Siemens simatic S7-1500 Cpu 1518f-4 Pn\/dp Mfp Firmware
Siemens simatic S7-1500 Tm Mfp
Siemens simatic S7-1500 Tm Mfp Firmware
Siemens siplus S7-1500 Cpu 1518-4 Pn\/dp Mfp
Siemens siplus S7-1500 Cpu 1518-4 Pn\/dp Mfp Firmware
Vmware
Vmware velocloud Orchestrator

Tue, 12 May 2026 13:30:00 +0000

Type Values Removed Values Added
References

Fri, 08 May 2026 21:30:00 +0000

Type Values Removed Values Added
References

Fri, 08 May 2026 18:30:00 +0000

Type Values Removed Values Added
References

Fri, 08 May 2026 03:30:00 +0000

Type Values Removed Values Added
References

Thu, 07 May 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Debian
Debian debian Linux
Opensuse
Opensuse leap
Suse basesystem Module
Suse caas Platform
Suse development Tools Module
Suse enterprise Storage
Suse legacy Module
Suse linux Enterprise Desktop
Suse linux Enterprise High Availability Extension
Suse linux Enterprise High Performance Computing
Suse linux Enterprise Live Patching
Suse linux Enterprise Micro
Suse linux Enterprise Real Time
Suse linux Enterprise Server
Suse linux Enterprise Workstation Extension
Suse linux Micro
Suse manager Proxy
Suse manager Retail Branch Server
Suse manager Server
Suse openstack Cloud
Suse openstack Cloud Crowbar
Suse public Cloud Module
Suse realtime Module
CPEs cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:* cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:enterprise_storage:7.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_proxy:4.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_retail_branch_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*
cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*
cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*
cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:13.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.5:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.6:*:*:*:*:*:*:*
cpe:2.3:o:suse:basesystem_module:15:sp1:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:basesystem_module:15:sp2:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:basesystem_module:15:sp3:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:basesystem_module:15:sp4:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:basesystem_module:15:sp5:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:basesystem_module:15:sp6:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:basesystem_module:15:sp7:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp1:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp2:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp3:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp4:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp5:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp6:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:development_tools_module:15:sp7:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:legacy_module:15:sp7:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp5:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp6:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp7:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:15:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:15:sp6:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:15:sp7:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:16.0:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:espos:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:espos:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:espos:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp6:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp7:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:12:sp5:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp5:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp6:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_live_patching:15:sp7:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.0:*:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.1:*:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.3:*:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.3:*:*:*:*:rancher:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.4:*:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.4:*:*:*:*:rancher:*:*
cpe:2.3:o:suse:linux_enterprise_micro:5.5:*:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp5:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp6:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp7:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss_extreme_core:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:ltss_extended_security:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:business_critical_linux:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp5:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp5:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp5:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp6:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp6:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp6:*:*:ltss:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp7:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp7:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:16.0:-:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:16.0:-:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_server:16.1:-:*:*:-:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:16.1:-:*:*:-:sap:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:15:sp7:*:*:*:*:*:*
cpe:2.3:o:suse:linux_micro:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_micro:6.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_micro:6.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:public_cloud_module:15:sp6:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:public_cloud_module:15:sp7:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:realtime_module:15:sp3:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:realtime_module:15:sp4:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:realtime_module:15:sp5:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:realtime_module:15:sp6:*:*:*:suse_linux_enterprise:*:*
cpe:2.3:o:suse:realtime_module:15:sp7:*:*:*:suse_linux_enterprise:*:*
Vendors & Products Suse suse Linux
Debian
Debian debian Linux
Opensuse
Opensuse leap
Suse basesystem Module
Suse caas Platform
Suse development Tools Module
Suse enterprise Storage
Suse legacy Module
Suse linux Enterprise Desktop
Suse linux Enterprise High Availability Extension
Suse linux Enterprise High Performance Computing
Suse linux Enterprise Live Patching
Suse linux Enterprise Micro
Suse linux Enterprise Real Time
Suse linux Enterprise Server
Suse linux Enterprise Workstation Extension
Suse linux Micro
Suse manager Proxy
Suse manager Retail Branch Server
Suse manager Server
Suse openstack Cloud
Suse openstack Cloud Crowbar
Suse public Cloud Module
Suse realtime Module

Thu, 07 May 2026 08:30:00 +0000

Type Values Removed Values Added
References

Wed, 06 May 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Suse
Suse suse Linux
CPEs cpe:2.3:o:novell:suse_linux:-:*:*:*:*:*:*:* cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*
Vendors & Products Novell
Novell suse Linux
Suse
Suse suse Linux

Wed, 06 May 2026 08:30:00 +0000

Type Values Removed Values Added
References

Tue, 05 May 2026 01:30:00 +0000

Type Values Removed Values Added
References

Mon, 04 May 2026 21:30:00 +0000

Type Values Removed Values Added
References

Mon, 04 May 2026 20:30:00 +0000

Type Values Removed Values Added
References

Mon, 04 May 2026 19:30:00 +0000

Type Values Removed Values Added
References

Mon, 04 May 2026 18:30:00 +0000

Type Values Removed Values Added
References

Mon, 04 May 2026 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Amazon
Amazon amazon Linux
Canonical
Canonical ubuntu Linux
Novell
Novell suse Linux
Redhat
Redhat enterprise Linux
Redhat openshift Container Platform
CPEs cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:amazon:amazon_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Vendors & Products Amazon
Amazon amazon Linux
Canonical
Canonical ubuntu Linux
Novell
Novell suse Linux
Redhat
Redhat enterprise Linux
Redhat openshift Container Platform

Mon, 04 May 2026 05:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 23:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 22:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 20:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 13:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 07:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 02:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 01:30:00 +0000

Type Values Removed Values Added
References

Sun, 03 May 2026 00:30:00 +0000

Type Values Removed Values Added
References

Sat, 02 May 2026 23:30:00 +0000

Type Values Removed Values Added
References

Sat, 02 May 2026 22:30:00 +0000

Type Values Removed Values Added
References

Sat, 02 May 2026 21:30:00 +0000

Type Values Removed Values Added
References

Sat, 02 May 2026 16:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 23:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 21:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 20:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 19:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 18:30:00 +0000

Type Values Removed Values Added
References
Metrics kev

{'dateAdded': '2026-05-01T00:00:00+00:00', 'dueDate': '2026-05-15T00:00:00+00:00'}

Fri, 01 May 2026 18:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 01 May 2026 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*

Fri, 01 May 2026 09:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 06:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 11:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 09:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
References

Thu, 30 Apr 2026 01:30:00 +0000

Type Values Removed Values Added
References

Wed, 29 Apr 2026 23:30:00 +0000

Type Values Removed Values Added
References

Wed, 29 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-669
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Wed, 22 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1288
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Wed, 22 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
Title crypto: algif_aead - Revert to operating out-of-place
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Amazon Amazon Linux
Arista Cloudvision Agni Cloudvision Portal Netvisor Os Velocloud Edge Velocloud Gateway
Canonical Ubuntu Linux
Debian Debian Linux
Linux Linux Kernel
Nixos Nixos
Opensuse Leap
Redhat Enterprise Linux Openshift Container Platform
Siemens Simatic S7-1500 Cpu 1518-4 Pn\/dp Mfp Simatic S7-1500 Cpu 1518-4 Pn\/dp Mfp Firmware Simatic S7-1500 Cpu 1518f-4 Pn\/dp Mfp Simatic S7-1500 Cpu 1518f-4 Pn\/dp Mfp Firmware Simatic S7-1500 Tm Mfp Simatic S7-1500 Tm Mfp Firmware Siplus S7-1500 Cpu 1518-4 Pn\/dp Mfp Siplus S7-1500 Cpu 1518-4 Pn\/dp Mfp Firmware
Suse Basesystem Module Caas Platform Development Tools Module Enterprise Storage Legacy Module Linux Enterprise Desktop Linux Enterprise High Availability Extension Linux Enterprise High Performance Computing Linux Enterprise Live Patching Linux Enterprise Micro Linux Enterprise Real Time Linux Enterprise Server Linux Enterprise Workstation Extension Linux Micro Manager Proxy Manager Retail Branch Server Manager Server Openstack Cloud Openstack Cloud Crowbar Public Cloud Module Realtime Module
Vmware Velocloud Orchestrator
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-18T17:44:54.264Z

Reserved: 2026-03-09T15:48:24.089Z

Link: CVE-2026-31431

cve-icon Vulnrichment

Updated: 2026-05-18T17:44:54.264Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-22T09:16:21.270

Modified: 2026-06-17T10:33:42.380

Link: CVE-2026-31431

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-22T00:00:00Z

Links: CVE-2026-31431 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-23T17:30:05Z

Weaknesses
  • CWE-1288

    Improper Validation of Consistency within Input

  • CWE-669

    Incorrect Resource Transfer Between Spheres