Summary
A set of Linux kernel vulnerabilities related to unsafe in-place cryptographic operations on shared memory pages has been publicly disclosed. These local privilege escalation (LPE) vulnerabilities affect the kernel's cryptographic interface (algif_aead), the ESP/XFRM IPsec subsystem, and the RxRPC networking subsystem. All three are rated as Important with a CVSS v3.1 base score of 7.8.
Date of publication
May 15th, 2026
Description
The following vulnerabilities are in scope of this advisory:
- CVE-2026-31431 (CopyFail): A flaw in the Linux kernel's algif_aead cryptographic interface where an incorrect in-place operation was introduced with differing source and destination data mappings, potentially leading to data integrity issues and privilege escalation.
- CVE-2026-43284 (DirtyFrag, ESP/XFRM variant): A flaw in the Linux kernel's xfrm-ESP path where unsafe in-place cryptographic processing of shared skb fragments referencing file-backed page-cache pages can be exploited to corrupt privileged files and gain root access.
- CVE-2026-43500 (DirtyFrag, RxRPC variant): A flaw in the Linux kernel's RxRPC networking subsystem where in-place pcbc(fcrypt) decryption on splice-pinned page-cache references can be exploited to corrupt page-cache contents and gain root privileges.
Impact
HYCU security posture is not affected.
Mitigation
No action is required.
Reference
- NVD link: NVD - CVE-2026-31431
- NVD link: NVD - CVE-2026-43284
- NVD link: NVD - CVE-2026-43500
- Red Hat security advisory link: https://access.redhat.com/errata/RHSA-2026:13577
- Red Hat security advisory link: https://access.redhat.com/errata/RHSA-2026:16195