U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2026-31431 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
http://www.openwall.com/lists/oss-security/2026/04/29/23 CVE
http://www.openwall.com/lists/oss-security/2026/04/29/25 CVE
http://www.openwall.com/lists/oss-security/2026/04/29/26 CVE
http://www.openwall.com/lists/oss-security/2026/04/30/10 CVE
http://www.openwall.com/lists/oss-security/2026/04/30/11 CVE
http://www.openwall.com/lists/oss-security/2026/04/30/12 CVE
http://www.openwall.com/lists/oss-security/2026/04/30/2 CVE
http://www.openwall.com/lists/oss-security/2026/04/30/5 CVE
http://www.openwall.com/lists/oss-security/2026/04/30/6 CVE
https://copy.fail CVE
https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c kernel.org
https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc kernel.org
https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667 kernel.org
https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82 kernel.org
https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b kernel.org
https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 kernel.org
https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237 kernel.org
https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 kernel.org
https://github.com/theori-io/copy-fail-CVE-2026-31431 CISA-ADP

Weakness Enumeration

CWE-ID CWE Name Source
CWE-669 Incorrect Resource Transfer Between Spheres CISA-ADP  

Change History

10 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2026-31431
NVD Published Date:
04/22/2026
NVD Last Modified:
04/30/2026
Source:
kernel.org