CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
It looks like the fix is just disabling the algif_aead kernel module. That prevented the proof of concept script from working on everything I tested it on. Hopefully they will get some kernel updates out soon.
Tested on Ubuntu 24.04. Security patching from Ubuntu does fix it. Scary vulnerability
It looks like the fix is just disabling the algif_aead kernel module. That prevented the proof of concept script from working on everything I tested it on. Hopefully they will get some kernel updates out soon.