[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVSS score 7.8 Severity High CVE-2026-31431 Linux kernel
- To: "Berkeley Linux Users Group (BerkeleyLUG)" <berkeleylug@googlegroups.com>
- Subject: CVSS score 7.8 Severity High CVE-2026-31431 Linux kernel
- From: "'Michael Paoli' via BerkeleyLUG" <berkeleylug@googlegroups.com>
- Date: Wed, 29 Apr 2026 14:30:35 -0700
- Arc-authentication-results: i=3; gmr-mx.google.com; dkim=pass header.i=@berkeley.edu header.s=google header.b=pSAK8KP8; arc=pass (i=1); spf=pass (google.com: domain of michael.paoli@berkeley.edu designates 2a00:1450:4864:20::22c as permitted sender) smtp.mailfrom=michael.paoli@berkeley.edu; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=berkeley.edu; dara=pass header.i=@googlegroups.com
- Arc-authentication-results: i=2; gmr-mx.google.com; dkim=pass header.i=@berkeley.edu header.s=google header.b=pSAK8KP8; arc=pass (i=1); spf=pass (google.com: domain of michael.paoli@berkeley.edu designates 2a00:1450:4864:20::22c as permitted sender) smtp.mailfrom=michael.paoli@berkeley.edu; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=berkeley.edu; dara=pass header.i=@googlegroups.com
- Arc-authentication-results: i=1; mx.google.com; arc=none
- Arc-message-signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:to:subject:message-id:date :from:mime-version:dkim-signature; bh=2e25KsWoL5LzoprfbVa0mCGIEabH+4qKYEAOqkPqrX0=; fh=wk7f6gykAavHbGlXAsNWsCQlPESdO6gUfVJUyjJcoEE=; b=M8Y/PKht/8rhyS7Lei8HnREg47N4wH4oiaJyypKIDPxRcJeBsz/qdw0+MDMrxQFIPN PxapOh61efdSRg7giqUr7KBvUQxHQurnVgHoUrtQOPIGd2YJEhGjL9ULO8FjyCS/CQpG jp4r5IC3AzQ+ESYR9jp8X0JBvFCxMFbqwj6gCfLinoFmOcP4hV0cF22sgcKhCXbCTh5A sIJw5s6Xzb5HNmR4yJ7NbwXIhkd4e6+6QMCWfVXKU1osMLt9tgHMDrx+hOiImQ1hFKVm GSMMHLinIwryLEqY61iaakVifOhcfxnZTjqGbCMi0FRK0xk6DkNjszzEpLtwCLwxk9vQ 5jhw==; darn=netisland.net
- Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:subject:message-id:date:from:mime-version:dkim-signature; bh=xnKaUEB8gXjSECJ2YIEye+GEXr8Q9Wlq7Wb9fMAa/DM=; fh=sML/OULlfnWITsGkMh+cjofqEO0XhR1yO0lIVYTCoc4=; b=IyxH4iAhPD/PIuA3dtohHJN/G5Ggr5gHnsZvESd6aTuO3rQZKSXLTDKk0pT8/4yNtY Sr9ubuiIjTI+aNnHPbP8OcDLLcYV2BvYADjqFSGwuGyNMUMtytuMKd0Ish/lgsD9cg5S M0zEhpHm46Y3Aggoo585nDO23adcUUXLdrSGQoej8o4h6ngfGz4U3fER1upc3UX9MVu8 2feHRvbfZ9UFi2Tphgh0XRp5agdDLex4Y+nY43hDsIZKb0gmJzLyT9IS2x0+sHAgBG+4 PWExiBuoLCple8FjwX++JBsugx/ZCPbeNug33/PPVZJarwLfxVStw3HtMk6BL79xqp/A Ti0Q==; dara=google.com
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:subject:message-id:date:from:mime-version:dkim-signature; bh=xnKaUEB8gXjSECJ2YIEye+GEXr8Q9Wlq7Wb9fMAa/DM=; fh=sML/OULlfnWITsGkMh+cjofqEO0XhR1yO0lIVYTCoc4=; b=fcinVjyi3OvBmSscumFBP3xn7+Jk+BxeU9O8xqgbz1mv+NHYzidPX1Ib6VGcEonWYJ 3/26TRAJ3KhW4ODk9Kq2m6AY6abjIika/q+sFfUqnYXtdfYqhE41n9sTCrJQAXdb3gR8 MeW+85LZI4kSRZbCCgWgVTb+MOnHu2xqpc0AnqBJydJnMBAd+ssjGaMzfe4e/WDP1u0I I5hAQXSNXVaiREcXewngJYjDhiyl7gAlIW4KEZYE/PXXOqQZulB2O5pv3hPpDc9VXPNh 6dhGpqnp3gOwwDE86vgoLoWz6Sei91CNLghqbNp1w8GK64N6bLK0TmnQDxd7voIDaYQf W0Lg==; dara=google.com
- Arc-seal: i=3; a=rsa-sha256; t=1777498276; cv=pass; d=google.com; s=arc-20240605; b=gEWmHvg6vNEFZ9DqM3080/EIkWrKqLiHEjCWWwkckMSDE6GnKoZGfGY93hUYoPJ9oC EFfLSqJKxXrI9m94IwozLZ7RlXBMJVs+SDnmJSmmPA4f0F413MTHbEf1ICTYLU4BPwtU UywAUHhHQ/ZDjZlBVGv60wyvZ8KmdBRqwKOc+t9jiPMZaaneJC/WAAP5LaXANtFIauUL 9nH1xuxj6kW8VdLwdxdTnxooWQCEvjVpkPIURwoVd3cVUaGaABBrF0cbaoul/AMV+zcn JNWzcAcAjZcHFMbwygKKreEsdRfwTj6FqmlGWMeD8HMg0jHOVmtoho4BcGZ7W+W50JWa yJTg==
- Arc-seal: i=2; a=rsa-sha256; t=1777498273; cv=pass; d=google.com; s=arc-20240605; b=QhdLk3kfBZFnfPPM9GAviBv5cKmUNiC4BoV62leKuZaG1td+SlUykQEOtnOFewFcaa Cu2u9hkJTs0XCM2N1rtj5b0LD6JHpFaPNegFPaB974akbUPlmpgm+s8TG4Wwecst45C8 8e5jGOdSKntnJXcSo0eOJbDfMQFvXymTH8WbAbhwR/Mpj46DdF+kg6ZtSV5yIQgu+zU+ MLEk7Dm0WGgVXLMKaESbdm+j2/+8w7cYZPPN3MZGw+X38Zn/OG9sivEmn9sdGw7zgCwj SlNwuVSytacwknASKCzeiQngyXpRNCOFin9T8WQcHGG6mvWZ72+IaDcVCWkVmhGXuHrf bzNQ==
- Arc-seal: i=1; a=rsa-sha256; t=1777498273; cv=none; d=google.com; s=arc-20240605; b=NaCi8D6M22BUXfjxTuuAKIwqZzEll+bHhE/mTsDAxi2IEutbaOu7gzKWi77TK/Ll9T lp2LYrXrijRaw+xnJZU4+lfc4BOqOZv/euaeNVldD64wW13T+3USN6b4qMC8I5CUz+fV uHVt19n4xJ6xeuu7CRCuu2z0nJhohUiyVr1ghOtbXUxbxUDXMNsJlj1fzb9PICV8A4V+ Tneraw+P7Ch2I/ECsYJfxgzLtHshIebQ7jME0sVb0kY2Z21kKbm9dagICT8pu0v4NUjC kFz2KLNWgSTvvtHshhUxY9ycWciovK51cecQFW6Qh86hbNnSE33sWZ8n+401ZmJ8BooF GE0g==
- Delivered-to: historian@entropia.netisland.net
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20251104; t=1777498276; x=1778103076; darn=netisland.net; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:to:subject :message-id:date:from:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=2e25KsWoL5LzoprfbVa0mCGIEabH+4qKYEAOqkPqrX0=; b=JnmfjpoAypoVqP+ZnwfPBJ25CJXBdzOBkEmhujOA5eGE8wC6E609MhFFMtjWX8Tsyv hd++8yw26ivpaMnn8JGS04G4MZYVC0FW0De8YVKpi/nd8lJt/z6oAwArjaqul5ippqIn oJxiH+KwJ1ffhThnhRbZIowt+Cgm+WHcrHLoitJ2bDssVFh/G/zXBk/mBZyWTNZf2UNF mGLgv/G8KcvXhkjHgjPq7xL0zbZT+cppjR+twa7GLHjfO4bSkO+sk+pDRHU5N3g2GywE OpVf8dMHI95OoAvyYfUuOZb8cCJbbiWG3TJxeJw2jp+CAuO3bBrpPSRz7oAPMo8Tw7YY S3MA==
- List-archive: <https://groups.google.com/group/berkeleylu>
- List-help: <https://groups.google.com/support/>, <mailto:berkeleylug+help@googlegroups.com>
- List-id: <berkeleylug.googlegroups.com>
- List-post: <https://groups.google.com/group/berkeleylug/post>, <mailto:berkeleylug@googlegroups.com>
- List-subscribe: <https://groups.google.com/group/berkeleylug/subscribe>, <mailto:berkeleylug+subscribe@googlegroups.com>
- List-unsubscribe: <mailto:googlegroups-manage+61884646931+unsubscribe@googlegroups.com>, <https://groups.google.com/group/berkeleylug/subscribe>
- Mailing-list: list berkeleylug@googlegroups.com; contact berkeleylug+owners@googlegroups.com
- Reply-to: Michael Paoli <michael.paoli@berkeley.edu>
CVSS score 7.8 Severity High CVE-2026-31431 Linux kernel
Highly easy root exploit (at least locally).
kernel.org kernel patched, various states for various distros,
if your distro doesn't have patch/update out yet, expect it soon.
Appears (I've not vetted it) there's also effective work-around to close
the hole in existing
running kernels, apparently, e.g.:
disable the algif_aead kernel module. This breaks nothing for the vast
majority of systems dm-crypt, LUKS, IPsec, TLS, SSH, and standard
OpenSSL/GnuTLS builds all use the in-kernel crypto API directly and do
not go through AF_ALG:
echo 'install algif_aead /bin/false' >/etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true
For containerized or multi-tenant workloads, block AF_ALG socket
reation via seccomp policy regardless of patch state.
Proof-of-concept exploit already published, likely expect active exploit
attempts soon, if they've not already started.
Looks like the bug has been in Linux kernels for about 9 years.
Select references:
https://www.cve.org/CVERecord?id=CVE-2026-31431
https://www.cyberkendra.com/2026/04/a-732-byte-python-script-can-get-root.html
--
You received this message because you are subscribed to the Google Groups "BerkeleyLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to berkeleylug+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/berkeleylug/CAPU_E%2Beb3gDdT2b4SXTqp8d_qn1ZOGBWZ6gKXSo%3DuKNnoSkxtQ%40mail.gmail.com.