#1 2026-05-03 08:41:17

Raqua
Member
Registered: 2007-11-24
Posts: 148

Question about CVE-2026-31431

Not sure which forum section to post this in; there seems to be no security-related one.

I have a question about https://security.archlinux.org/CVE-2026-31431.

It is patched in 6.19.12-1, 7.x kernels, but I am using LTS - 6.18.26-1-lts.
I presume it is patched there as well, but I don't see it mentioned.

It is fixed there, right?


#2 2026-05-03 10:06:05

Lone_Wolf
Administrator
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 14,962

Re: Question about CVE-2026-31431

It's hard to find authoritative sources.

https://www.cve.org/CVERecord?id=CVE-2026-31431 seems to be the original report but doesn't list which versions are affected.

https://euvd.enisa.europa.eu/vulnerabil … 2026-31431 shows which versions got patches, and the number 6.18.22 is confirmed by at least 2 other sources:

https://app.opencve.io/cve/CVE-2026-31431
https://nvd.nist.gov/vuln/detail/CVE-20 … ationsArea

You may want to check the upstream changelog for 6.18.22.


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.

clean chroot building not flexible enough?
Try clean chroot manager by graysky


#3 2026-05-03 12:18:57

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,172


#4 2026-05-03 12:57:58

faetter
Member
Registered: 2019-09-21
Posts: 34

Re: Question about CVE-2026-31431

Lone_Wolf wrote:

It's hard to find authoritative sources .

https://www.cve.org/CVERecord?id=CVE-2026-31431 seems to be the original report but doesn't list which versions are affected.

They do it in a weird way; if you scroll down in the product status section you can see:

unaffected

unaffected from 0 before 4.14
unaffected from 5.10.254 through 5.10.*
unaffected from 5.15.204 through 5.15.*
unaffected from 6.1.170 through 6.1.*
unaffected from 6.6.137 through 6.6.*
unaffected from 6.12.85 through 6.12.*
unaffected from 6.18.22 through 6.18.*
unaffected from 6.19.12 through 6.19.*
unaffected from 7.0

Implying it got fixed in 6.18.22, which is what others have been reporting, as you pointed out.

Last edited by faetter (2026-05-03 13:04:35)


None are more enslaved than those who falsely believe they are free

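One way to check a kernel release string against the "unaffected" ranges quoted from the CVE record above, as an added example that is not code from this thread or from any linked repository. The ranges are copied from the post; the handling of distro suffixes such as -1-lts and the "not listed as unaffected" wording are my own, and because the check only looks at the upstream version number it cannot see vendor backports.

```python
import platform
import re

# "Unaffected" ranges as listed in the CVE record (copied from the quoted post).
UNAFFECTED_BEFORE = (4, 14)            # unaffected from 0 before 4.14
UNAFFECTED_FROM = (7, 0)               # unaffected from 7.0
UNAFFECTED_STABLE_FIXES = {            # unaffected from X.Y.Z through X.Y.*
    (5, 10): 254, (5, 15): 204, (6, 1): 170, (6, 6): 137,
    (6, 12): 85, (6, 18): 22, (6, 19): 12,
}


def parse_kernel_version(release):
    """Turn a release string such as '6.18.26-1-lts' into (major, minor, patch).

    Distro suffixes (-1-lts, -arch1-1, .el9) are ignored; a missing patch level
    is treated as 0 (upstream '6.12' is the same as '6.12.0')."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def classify(release):
    """Return 'unaffected' if the upstream version number falls inside one of the
    record's unaffected ranges, otherwise 'not listed as unaffected'.

    The second answer means: check the vendor's changelog for a backport rather
    than assuming the kernel is vulnerable."""
    major, minor, patch = parse_kernel_version(release)
    if (major, minor) < UNAFFECTED_BEFORE:
        return "unaffected"
    if (major, minor) >= UNAFFECTED_FROM:
        return "unaffected"
    fixed_patch = UNAFFECTED_STABLE_FIXES.get((major, minor))
    if fixed_patch is not None and patch >= fixed_patch:
        return "unaffected"
    return "not listed as unaffected"


if __name__ == "__main__":
    running = platform.release()   # e.g. '6.18.26-1-lts' on the LTS kernel from the question
    print(f"{running}: {classify(running)}")
```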

#5 2026-05-03 13:42:16

dimich
Member
From: Kharkiv, Ukraine
Registered: 2009-11-03
Posts: 595

Re: Question about CVE-2026-31431

Since the vulnerability is reliably reproducible, you can test a particular running kernel. For example, using this python script: https://github.com/rootsecdev/cve_2026_ … 6_31431.py


#6 Yesterday 11:47:38

Raqua
Member
Registered: 2007-11-24
Posts: 148

Re: Question about CVE-2026-31431

Thanks for all your answers. For some reason, I did not get notifications about the replies.
I have checked my machines (also those that should be vulnerable) with various simple detection one-liners, but I hesitate to run some code that I don't understand downloaded from a random repo.
None of the simple tools reported my vulnerable machines as vulnerable, hence I was unsure about this.

Anyway, I guess the LTS kernel is also OK.


#7 Yesterday 15:44:10

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,172

Re: Question about CVE-2026-31431

FWIW, the latest kernels also cover dirty.frag …
Please always remember to mark resolved threads by editing your initial post's subject, so others will know that there's no task left, but maybe a solution to find.
Thanks.


#8 Yesterday 18:16:23

topcat01
Member
Registered: 2019-09-17
Posts: 283

Re: Question about CVE-2026-31431

seth, do you know if the RXRPC module has also been fixed? In the commits so far I only see the esp modules.


#9 Yesterday 18:51:16

faetter
Member
Registered: 2019-09-21
Posts: 34

Re: Question about CVE-2026-31431

topcat01 wrote:

seth, do you know if the RXRPC module has also been fixed? In the commits so far I only see the esp modules.

I think that second commit for rxrpc is still outstanding from my reading of the kernel mailing list:

https://lore.kernel.org/all/af19tf9gX3sxIrWr@v4bel/
https://lore.kernel.org/all/2026050859- … e2@gregkh/



#10 Yesterday 19:52:56

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,172

Re: Question about CVE-2026-31431

I was frankly under the impression RH had already addressed this because of the slew of rxrpc commits in https://cdn.kernel.org/pub/linux/kernel … eLog-7.0.4 and https://cdn.kernel.org/pub/linux/kernel … og-6.18.27, some explicitly addressing the concerned functions, but apparently those were unrelated bugfixes and the suggested patch would rather re-introduce those bugs…
Sorry for the confusion.

