* CVE-2026-31431 aka "Copy fail" allows root exploit from local access
@ 2026-04-30 13:04 Pavel Machek
0 siblings, 0 replies; only message in thread
From: Pavel Machek @ 2026-04-30 13:04 UTC (permalink / raw)
To: cip-dev
[-- Attachment #1: Type: text/plain, Size: 1117 bytes --]
Hi!
Apparently there's new CVE with a name:
https://nvd.nist.gov/vuln/detail/CVE-2026-31431
https://xint.io/blog/copy-fail-linux-distributions
You may have already heard about it, or likely you'll hear about it,
soon, as it is widespread and easy to exploit for local users.
If you don't have local untrusted users, you don't need to do
anything urgently.
If you don't have CONFIG_CRYPTO_AUTHENC enabled, you are not
vulnerable and don't need to do anything. CRYPTO_AUTHENC is "Authenc:
Combined mode wrapper for IPsec. This is required for IPSec ESP
(XFRM_ESP)."
4.4-cip is not affected, other -cip branches are affected. If you are
running affected -cip branch, have CRYPTO_AUTHENC enabled, have local
untrusted users and have security requirements, you may want to
investigate immediately and let us know.
[This may be another reminder to disable config options you don't
strictly needed.]
Current plan is to release 6.12-cip, 6.1-cip, 5.10-cip and 4.19-cip
ahead of their normal schedule, followed by -cip-rt kernels.
If you believe you are affected by this bug, let us know.
Best regards,
Pavel
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-04-30 13:05 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-30 13:04 CVE-2026-31431 aka "Copy fail" allows root exploit from local access Pavel Machek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox