Avoracloud Community

Security Advisory: Linux Kernel Local Privilege Escalation (CVE-2026-31431)

    dawn wrote (last edited by dawn):

    Description

    A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect 'in-place operation' was introduced, where the source and destination data mappings were different. This could lead to unexpected behavior or data integrity issues during cryptographic operations, potentially impacting the reliability of encrypted communications.

    This local privilege escalation is rated as Important severity. Part of the Linux kernel's cryptographic interface contains an incorrect in-place operation, where source and destination data mappings differ. This could lead to data integrity issues, including escalation to root privileges.

    Affected Products

    • RHEL/CentOS/Rocky Linux/AlmaLinux 8, 9, 10 (Fixed)
    • openEuler 20.03 LTS and later versions (Fixed)

    Mitigation (for RHEL/CentOS)

    Warning: this mitigation modifies functionality that uses kernel cryptographic functions, so there may be performance impacts.

    1. Run the command below to append the option to the kernel boot arguments in GRUB:
    # grubby --update-kernel=ALL --args='initcall_blacklist=algif_aead_init'
    
    2. Restart the system:
    # reboot
    
    3. Verification: once rebooted, verify that the parameter is present:
    # cat /proc/cmdline | grep initcall_blacklist
    BOOT_IMAGE=(hd0,gpt2)/vmlinuz<...> initcall_blacklist=algif_aead_init
    

    Reverse Mitigation

    Once the fixed kernel is available and installed, reverse the mitigation with the steps below:

    1. Run the command below to remove the option from the kernel boot arguments in GRUB:
    # grubby --update-kernel=ALL --remove-args='initcall_blacklist=algif_aead_init'
    
    2. Restart the system:
    # reboot
    
    3. Verification: once rebooted, verify that the parameter has been removed:
    # cat /proc/cmdline | grep initcall_blacklist
    <... no output ...>
    

    References

    https://access.redhat.com/security/cve/cve-2026-31431
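
A stricter form of the verification steps in the Mitigation and Reverse Mitigation procedures above, as an added example that is not part of the original advisory: it checks that algif_aead_init itself appears in an initcall_blacklist list instead of grepping for the parameter name, and counts boot entries in `grubby --info=ALL` output that lack it. The function names and the sample grubby output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): verify the initcall_blacklist setting.

# has_aead_blacklist "<kernel command line>"
# Exit status 0 if an initcall_blacklist= parameter lists algif_aead_init.
# Runs in a subshell so the IFS and glob changes do not leak to the caller.
has_aead_blacklist() (
    set -f                               # do not glob-expand command-line tokens
    for tok in $1; do                    # split on whitespace into parameters
        case $tok in
            initcall_blacklist=*)
                IFS=,                    # the value is a comma-separated list
                for fn in ${tok#initcall_blacklist=}; do
                    if [ "$fn" = algif_aead_init ]; then exit 0; fi
                done
                ;;
        esac
    done
    exit 1
)

# count_unmitigated_entries < output of `grubby --info=ALL`
# Prints how many boot entries have an args= line without the mitigation.
count_unmitigated_entries() {
    n=0
    while IFS= read -r line; do
        case $line in
            args=*)
                args=${line#args=}
                args=${args#\"}; args=${args%\"}     # drop surrounding quotes
                has_aead_blacklist "$args" || n=$((n + 1))
                ;;
        esac
    done
    echo "$n"
}

# Constructed sample of `grubby --info=ALL` output (not from a real host).
SAMPLE_GRUBBY_INFO='index=0
kernel="/boot/vmlinuz-A"
args="ro initcall_blacklist=algif_aead_init"
index=1
kernel="/boot/vmlinuz-B"
args="ro quiet"'

# On a real host (as root):
#   has_aead_blacklist "$(cat /proc/cmdline)" && echo "running kernel: mitigated"
#   grubby --info=ALL | count_unmitigated_entries
```

After applying the mitigation the count should be 0; after reversing it, `has_aead_blacklist` should fail for the running kernel.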
