jon/CVE-2026-31431-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9efef9830933f590a2f118990e3d94b016ac1e0c
CVE-2026-31431-tools/README.md
Jon 9efef98309 Added more in readme
2026-04-30 17:01:19 +01:00

1.6 KiB
Raw Blame History

Copy Fail - CVE-2026-31431

Technical Writeup

Tested Distro / Version

Distro Version
Ubuntu 24.04 LTS 6.17.0-1007-aws
Amazon Linux 2023 6.18.8-9.213.amzn2023
RHEL 10.1 6.12.0-124.45.1.el10_1
SUSE 16 6.12.0-160000.9-default
Rocky Linux 9.7 (Blue Onyx) 5.14.0-611.49.1.el9_7.x86_64
Alphine Linux 6.18.25-0-virt #1-Alpine
NixOS 25.11 mwagner-t14 6.12.83

aarch64 ?

Distro Version
Ubuntu 24.04 LTS 6.17.0-1011-oracle
RaspbianOS ? ????

unaffected

Distro Version Reason
Devuan 6.12.74+deb13+1-amd64 algif_aead is not used by kernel
Debian 12 6.1.0-40-amd64 Predates the exploit occurance (6.1.0-41 works)

Files

check.sh - makes a check to see if the exploitable crypto module is loaded. mitigate.sh - unloads the exploitable crypto module, chances are you didnt need it anyway.

copy_fail.py - the complete exploit writeup in plain python code.

copy_fail_exp.py - the exploit in pure python for x86 systems. copy_fail_exp_aarch64.py - the exploit in pure python for aarch64 systems.

run to get the file as a non-privilaged user.

 curl https://git.jonstarkey.co.uk/jon/CVE-2026-31431-tools/raw/branch/main/copy_fail_exp.py

or

 curl https://git.jonstarkey.co.uk/jon/CVE-2026-31431-tools/raw/branch/main/copy_fail_exp_aarch64.py