Critical Privilege Escalation Vulnerability in Ubuntu's algif_aead Module
Severity: High (Score: 70.5)
Sources: launchpad.net, Linuxsecurity, Ubuntu
Summary
A significant privilege escalation vulnerability has been identified in the Linux kernel's algif_aead module, affecting multiple Ubuntu releases including 20.04 LTS, 18.04 LTS, 16.04 LTS, 14.04 LTS, and newer versions up to 25.10. The flaw allows local attackers to escalate privileges to root, posing a serious security risk.

In response, the kmod package has been updated to block the loading of the algif_aead module as a temporary mitigation until a permanent kernel fix is deployed. Users are advised to update their systems to specific kmod package versions to mitigate the risk. Affected users should reboot their systems after applying the updates to ensure the changes take effect.

The CVE associated with this vulnerability is CVE-2026-31431, which was published on April 22, 2026, with a proof of concept released on April 30, 2026.

Key Points:
- CVE-2026-31431 allows local privilege escalation via the algif_aead module.
- Multiple Ubuntu versions, including LTS releases, are affected by this vulnerability.
- Immediate updates to the kmod package are required to mitigate the risk.
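One way to verify the mitigation described above on a host, as an added example that is not part of the advisory or the kmod package. It assumes the block is expressed as a modprobe.d `install` or `blacklist` directive (the advisory does not say how kmod implements it); the function names and verdict strings are hypothetical.

```shell
# Added example, not from the advisory: is algif_aead loaded, and is it blocked?
# Assumption: the block is a modprobe.d "install" or "blacklist" directive.
MODULE="algif_aead"
# module_loaded FILE: true if MODULE is listed in a /proc/modules-format file.
module_loaded() {
    awk -v m="$MODULE" '$1 == m { hit = 1 } END { exit !hit }' "$1"
}

# block_state DIR...: "install" if MODULE is overridden to /bin/false or /bin/true,
# "blacklist" if only blacklisted (stops alias autoload, not modprobe by name), else "none".
block_state() {
    best="none"
    for dir in "$@"; do
        for f in "$dir"/*.conf; do
            [ -f "$f" ] || continue
            s=$(awk -v m="$MODULE" '
                /^[ \t]*#/ { next }                      # skip comment lines
                { n = $2; gsub(/-/, "_", n) }            # "-" and "_" are equivalent
                n == m && $1 == "install" && $3 ~ /^\/(usr\/)?bin\/(false|true)$/ { r = "install" }
                n == m && $1 == "blacklist" && r == "" { r = "blacklist" }
                END { print (r == "" ? "none" : r) }' "$f")
            case "$s" in
                install) best="install" ;;
                blacklist) if [ "$best" = "none" ]; then best="blacklist"; fi ;;
            esac
        done
    done
    echo "$best"
}

# assess MODULES_FILE DIR...: one-word verdict for the host.
assess() {
    mods="$1"; shift
    if module_loaded "$mods"; then echo "LOADED"; return; fi
    case "$(block_state "$@")" in
        install) echo "BLOCKED" ;;
        blacklist) echo "BLACKLIST_ONLY" ;;
        *) echo "LOADABLE" ;;
    esac
}

if [ "${1:-}" = "--live" ]; then   # check this host
    assess /proc/modules /etc/modprobe.d /run/modprobe.d /usr/lib/modprobe.d /lib/modprobe.d
else                               # constructed sample input, runs offline
    demo=$(mktemp -d)
    printf 'af_alg 32768 1 algif_hash, Live 0x0\n' > "$demo/modules"
    printf '# constructed sample\ninstall algif-aead /bin/false\n' > "$demo/block.conf"
    assess "$demo/modules" "$demo"; rm -rf "$demo"
fi
```

`LOADED` takes precedence over any block because a modprobe directive does not remove a module that is already in memory, which is why the reboot step in the advisory matters.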
Key Entities
- Privilege Escalation (attack_type)
- CVE-2026-31431 (cve)
- CWE-269 - Improper Privilege Management (cwe)
- T1068 - Exploitation for Privilege Escalation (mitre_attack)
- Linux (platform)
- Ubuntu (company)
- Algif_aead Privilege Escalation (vulnerability)
- Copy.fail (vulnerability)