Back

Privilege Escalation Vulnerability in Linux Kernel's algif_aead Module

Severity: High (Score: 70.5)

Sources: Ubuntu, launchpad.net

Summary

A logic flaw in the Linux kernel's algif_aead module has been identified, allowing local attackers to escalate privileges to root. This vulnerability is tracked as CVE-2026-31431, which was published on 2026-04-22. As a precaution, the kmod package has been updated to disable the loading of the algif_aead module until a kernel fix is deployed. Users are advised to update their systems and reboot to apply the changes. The issue affects systems running the Linux kernel that utilize the algif_aead module. The first public proof of concept (PoC) for the vulnerability was released on the same day as the articles, 2026-04-30. Ubuntu Pro users are covered under a ten-year security policy for affected packages. The situation is currently being monitored as the community awaits a more permanent fix. Key Points: • A logic flaw in the algif_aead module allows local privilege escalation to root. • The vulnerability is tracked as CVE-2026-31431, with a public PoC released on 2026-04-30. • The kmod package has been updated to disable the algif_aead module as a temporary measure.

Key Entities

  • Privilege Escalation (attack_type)
  • CVE-2026-31431 (cve)
  • CWE-269 - Improper Privilege Management (cwe)
  • Linux (platform)
  • Copy.fail (vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed