[CIVN-2026-0213] Local Privilege Escalation Vulnerability in Linux Kernel

Published On: May 4, 2026





Indian – Computer Emergency Response Team (https://www.cert-in.org.in)


Severity Rating: HIGH


Software Affected


Linux kernel versions from 4.14 up to 5.10.254

Linux kernel versions from 5.11 up to 5.15.204

Linux kernel versions from 5.16 up to 6.1.170

Linux kernel versions from 6.2 up to 6.6.137

Linux kernel versions from 6.7 up to 6.12.85

Linux kernel versions from 6.13 up to 6.18.22

Linux kernel versions from 6.19 up to 6.19.12

Overview


A vulnerability has been reported in the Linux kernel that could allow a local attacker with low privileges to escalate privileges, and access or modify sensitive files on the targeted system.


Target Audience:

All organizations and individuals running affected versions of Linux Kernel.


Risk Assessment:

High risk of local privilege escalation and unauthorized access to sensitive kernel memory.


Impact Assessment:

Potential for full system compromise, execution of arbitrary code, privilege escalation, data corruption, and system disruption.


Description


The Linux kernel is the core component of many operating systems, responsible for managing hardware resources and providing essential system services, including cryptographic operations.


This vulnerability, commonly referred to as “copy-fail”, exists in the Linux kernel due to a logic flaw in the algif_aead module of the kernel’s cryptographic subsystem. An attacker can exploit this vulnerability by corrupting the page cache of a setuid binary.


Successful exploitation of this vulnerability could allow a local attacker to execute code with elevated privileges, and access or modify sensitive files.


Note: This vulnerability (CVE-2026-31431) is being actively exploited in the wild. Users are strongly advised to apply the latest patches immediately.


Solution


Apply the latest kernel updates provided by your Linux distribution or upstream maintainers:

https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667

https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c

https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b

https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc

https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82

https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8

https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237

https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5
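
To find which hosts need these updates, the following added example (not part of the CERT-In advisory) compares `uname -r` strings against the ranges listed under Software Affected. It assumes the upper bound of each range is inclusive; the host names and release strings in the sample inventory are constructed.

```python
import re

# Affected upstream ranges as listed in the advisory: (first, last).
# Assumption: "up to" is treated as inclusive, the conservative reading.
AFFECTED = [
    ("4.14", "5.10.254"), ("5.11", "5.15.204"), ("5.16", "6.1.170"),
    ("6.2", "6.6.137"), ("6.7", "6.12.85"), ("6.13", "6.18.22"),
    ("6.19", "6.19.12"),
]

def parse_release(release):
    """Turn a `uname -r` string such as '5.15.0-105-generic' into (5, 15, 0)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g or 0) for g in m.groups())

def in_affected_range(release):
    """Return the matching (first, last) range, or None if outside all of them."""
    v = parse_release(release)
    for first, last in AFFECTED:
        if parse_release(first) <= v <= parse_release(last):
            return (first, last)
    return None

def triage(inventory):
    """Map host -> verdict for a {host: `uname -r` output} inventory."""
    report = {}
    for host, release in inventory.items():
        try:
            hit = in_affected_range(release)
        except ValueError:
            report[host] = f"UNKNOWN: cannot parse {release!r}"
            continue
        if hit:
            report[host] = f"REVIEW: {release} is within {hit[0]}..{hit[1]}"
        else:
            report[host] = f"outside listed ranges: {release}"
    return report

if __name__ == "__main__":
    # Constructed sample inventory; host names and releases are illustrative.
    sample = {
        "web-01": "5.15.0-105-generic",
        "db-02": "6.1.171",
        "legacy-03": "4.9.337",
        "build-04": "6.19.12",
    }
    for host, verdict in triage(sample).items():
        print(f"{host}: {verdict}")
```

Distribution kernels often carry backported fixes without changing the upstream version number, so a REVIEW result means checking the vendor tracker under References for the fixed package, not that the host is confirmed vulnerable.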


References


https://security-tracker.debian.org/tracker/CVE-2026-31431

https://access.redhat.com/security/cve/cve-2026-31431

https://www.suse.com/security/cve/CVE-2026-31431.html

https://ubuntu.com/security/CVE-2026-31431

https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches


CVE Name

CVE-2026-31431






Thanks and Regards,

CERT-In


Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS


Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

