Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation

Next message: Daniel J Blueman: "[7.1-rc1 BUG] System hang when reading clock controller sysfs 'registers' files"
Previous message: David Hildenbrand (Arm): "Re: [PATCH 0/2] userfaultfd: merge fs/userfaultfd.c into mm/userfaultfd.c"
Next in thread: Greg Dahlman: "Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Demi Marie Obenour

Date: Sat May 02 2026 - 02:39:35 EST

On 5/1/26 23:54, Eric Biggers wrote:
> On Sat, May 02, 2026 at 03:35:58AM +0000, Eric Biggers wrote:
>> So the idea would be something along the lines of:
>
> And just to make sure no one gets the wrong impression: just because
> there seem to be ways in which the attack surface of AF_ALG could/should
> be reduced doesn't mean that userspace should keep using it (or even
> worse, start to use it). Fixing programs like iwd needs to proceed
> concurrently, so that eventually (some years down the line) the problem
> can finally be fully solved by removing AF_ALG from the kernel source.
>
> - Eric

Can AF_ALG be emulated using LD_PRELOAD? That would allow it to be
eliminated from the kernel much more quickly, as one would not need
to get rid of all of its existing users. It would even work for those
who need AF_ALG because of closed source binaries, who otherwise will
have no alternative other than running an old kernel in a VM.
--
Sincerely,
Demi Marie Obenour (she/her/hers)

Attachment: OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature