CVE-2026-31431 "Copy Fail" Linux Vulnerability

May 7, 2026

Alerted Vulnerabilities

On April 30, 2026, the "Copy Fail" vulnerability CVE-2026-31431 was reported to the Wind River PSIRT Team. A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect 'in-place operation' was introduced, where the source and destination data mappings were different. This could lead to unexpected behavior or data integrity issues during cryptographic operations, potentially impacting the reliability of encrypted communications. https://www.cve.org/CVERecord?id=CVE-2026-31431

Additionally, on May 1, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-31431 to the Known Exploited Vulnerabilities (KEV) database, escalating this vulnerability to a High-Profile PSIRT case. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431

Wind River Affected Products

  • eLxr Pro - All Versions
  • Wind River Linux - All Versions
  • Wind River Studio Developer - Limited impact
  • Wind River Cloud Platform - Limited impact

Impacted Products

No other Wind River products use the Linux kernel, so they are not impacted by this vulnerability.

Mitigations

Wind River recommends the officially updated packages and distros listed in the Remediation section below. The community has also identified a possible workaround, listed here:

Source: https://cert.europa.eu/publications/security-advisories/2026-005/

Disable the algif_aead kernel module persistently on all affected systems until a patched kernel is available:

echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true

This workaround does not affect dm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. It may affect applications explicitly configured to use the afalg engine or that bind aead/skcipher/hash sockets directly. Exposure can be assessed with lsof | grep AF_ALG.
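
To confirm the workaround actually took effect on a host, the following added example (not from Wind River or the CERT-EU advisory) classifies the state of algif_aead from /proc/modules and the modprobe.d override. The function name, the state names and the modules.builtin check for kernels with the interface compiled in are assumptions of this example.

```shell
#!/bin/sh
# Added example: report whether the algif_aead workaround is in effect.
# Function and state names are illustrative, not from the advisory.

# algif_state MODULES_FILE MODPROBE_DIR BUILTIN_FILE -> prints one state word
algif_state() {
    modules_file=$1 modprobe_dir=$2 builtin_file=$3

    # Compiled into the kernel: modprobe.d and rmmod cannot disable it.
    if grep -q '/algif_aead\.ko' "$builtin_file" 2>/dev/null; then
        echo builtin; return 0
    fi

    loaded=no blocked=no
    # /proc/modules lists one loaded module per line, name first.
    if grep -q '^algif_aead ' "$modules_file" 2>/dev/null; then loaded=yes; fi
    # The override from the advisory: install algif_aead /bin/false
    if grep -Eqs '^[[:space:]]*install[[:space:]]+algif_aead[[:space:]]+/bin/false' \
        "$modprobe_dir"/*.conf; then blocked=yes; fi

    case "$loaded/$blocked" in
        yes/no)  echo exposed ;;               # loaded, nothing prevents reload
        yes/yes) echo blocked-still-loaded ;;  # override set, rmmod not run or failed
        no/no)   echo loadable ;;              # not loaded now, can load on demand
        no/yes)  echo mitigated ;;             # unloaded and future loads fail
    esac
}

# Check the running host using the standard paths.
echo "algif_aead: $(algif_state /proc/modules /etc/modprobe.d \
    "/lib/modules/$(uname -r)/modules.builtin")"
```

Only the mitigated state matches the full two-step workaround; blocked-still-loaded usually means rmmod failed because the module is in use.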

Remediation

The fix for this vulnerability has been identified: https://lore.kernel.org/openembedded-core/?q=CVE-2026-31431

Wind River Engineering teams are staging and testing product updates with the upstream fix, with projected timelines set according to each product's impact:

  • eLxr Pro: Updated kernel build to be released to the mirror package feeds, estimated imminently
  • Wind River Linux: Kernel Update to be included in the next Hot Fix / RCPL
  • Wind River Studio Developer: Kernel Update in the Next patch release
  • Wind River Cloud Platform: Kernel update in the Next patch release

Next Steps

Please visit the Wind River Security Center for ongoing updates at https://www.windriver.com/security.

Additional Resources

Please access these additional resources for these and all vulnerabilities:

Wind River customers with additional questions about these vulnerabilities should contact Wind River Customer Support or their local Wind River sales representative for more information. If you own a device that may be impacted by these vulnerabilities, please contact your device manufacturer.