CVE-2026-31431

Confirmed PUBLISHED

crypto: algif_aead - Revert to operating out-of-place

Linux · Linux

1 day faster than CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.8 High EPSS 96.8%

At a Glance

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

cisa linux
CVE Published
Apr 22, 2026
Exploitation Reported
Jun 01, 2026
CVSS
7.8 High
EPSS
96.8%
Low complexity No user interaction

Affected Versions

72 version rows · page 1 of 3

Vendor Product Version Status
Red Hat
NVIDIA for RHEL 10

kernel

0:6.12.0-211.6.el10nv to < *

Unaffected
Red Hat
NVIDIA for RHEL 10

kernel

0:6.12.0-231.12.el10nv to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 10

kernel

0:6.12.0-124.55.1.el10_1 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 10

kernel

0:6.12.0-211.7.3.el10_2 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 10.0 Extended Update Support

kernel

0:6.12.0-55.71.1.el10_0 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8

kernel-rt

0:4.18.0-553.123.1.rt7.464.el8_10 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8

kernel

0:4.18.0-553.123.1.el8_10 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8

kpatch-patch

All versions (default: unaffected)

Unaffected
Red Hat
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support

kernel

0:4.18.0-305.190.1.el8_4 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

kernel

0:4.18.0-305.190.1.el8_4 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support

kernel

0:4.18.0-372.191.1.el8_6 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.6 Telecommunications Update Service

kernel

0:4.18.0-372.191.1.el8_6 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

kernel

0:4.18.0-372.191.1.el8_6 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions

kpatch-patch

All versions (default: unaffected)

Unaffected
Red Hat
Red Hat Enterprise Linux 8.8 Telecommunications Update Service

kernel

0:4.18.0-477.139.1.el8_8 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

kernel

0:4.18.0-477.139.1.el8_8 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

kpatch-patch

All versions (default: unaffected)

Unaffected
Red Hat
Red Hat Enterprise Linux 9

kernel

0:5.14.0-611.54.1.el9_7 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 9

kernel

0:5.14.0-687.5.3.el9_8 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 9

kpatch-patch

All versions (default: unaffected)

Unaffected
Red Hat
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

kernel

0:5.14.0-70.178.1.el9_0 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

kernel-rt

0:5.14.0-70.178.1.rt21.250.el9_0 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

kpatch-patch

All versions (default: unaffected)

Unaffected
Red Hat
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

kernel

0:5.14.0-284.169.1.el9_2 to < *

Unaffected
Red Hat
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

kernel-rt

0:5.14.0-284.169.1.rt14.454.el9_2 to < *

Unaffected

CVE References

Show 3 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.