jon/CVE-2026-31431-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4 Commits 1 Branch 0 Tags
9fe0b4b8362bf0347f00c98309fba4285bf65174
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Copy Fail - CVE-2026-31431

Technical Writeup

Tested Distro / Version

Distro Version
Ubuntu 24.04 LTS 6.17.0-1007-aws
Amazon Linux 2023 6.18.8-9.213.amzn2023
RHEL 10.1 6.12.0-124.45.1.el10_1
SUSE 16 6.12.0-160000.9-default
Rocky Linux 9.7 (Blue Onyx) 5.14.0-611.49.1.el9_7.x86_64

aarch64 ?

Distro Version
Ubuntu 24.04 LTS 6.17.0-1011-oracle
RaspbianOS ? ????

unaffected

Distro Version Reason
Devuan 6.12.74+deb13+1-amd64 algif_aead is not used by kernel

Files

check.sh - makes a check to see if the exploitable crypto module is loaded. mitigate.sh - unloads the exploitable crypto module, chances are you didnt need it anyway.

copy_fail.py - the complete exploit writeup in plain python code.

copy_fail_exp.py - the exploit in pure python for x86 systems. copy_fail_exp_aarch64.py - the exploit in pure python for aarch64 systems.

run to get the file as a non-privilaged user.

 curl https://git.jonstarkey.co.uk/jon/CVE-2026-31431-tools/raw/branch/main/copy_fail_exp.py

or

 curl https://git.jonstarkey.co.uk/jon/CVE-2026-31431-tools/raw/branch/main/copy_fail_exp_aarch64.py
Description
tools to block the CVE, also detect the block and patches, extended support list.
Readme 51 KiB
Languages
Python 94.2%
Shell 5.8%