Vulnerability-Lookup

RHSA-2026:16208

Vulnerability from csaf_redhat - Published: 2026-05-12 12:38 - Updated: 2026-05-14 22:35

Summary

Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_158_1 security update

Severity

Important

Notes

Topic: An update for multiple packages is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-284.104.1.el9_2. Security Fix(es): * kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2026-31431

A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect 'in-place operation' was introduced, where the source and destination data mappings were different. This could lead to unexpected behavior or data integrity issues during cryptographic operations, potentially impacting the reliability of encrypted communications.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-1288 - Improper Validation of Consistency within Input

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64	—	Vendor Fix fix Workaround

Threats

Exploit Status CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Impact Important

References

18 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:16208	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2460538	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2026-31431	self
https://bugzilla.redhat.com/show_bug.cgi?id=2460538	external
https://access.redhat.com/security/vulnerabilitie…	external
https://www.cve.org/CVERecord?id=CVE-2026-31431	external
https://nvd.nist.gov/vuln/detail/CVE-2026-31431	external
https://access.redhat.com/articles/7141989	external
https://access.redhat.com/solutions/7141931	external
https://access.redhat.com/solutions/7141979	external
https://access.redhat.com/solutions/7141990	external
https://access.redhat.com/solutions/7141996	external
https://access.redhat.com/solutions/7142032	external
https://docs.redhat.com/en/documentation/red_hat_…	external
https://lore.kernel.org/linux-cve-announce/202604…	external
https://www.cisa.gov/known-exploited-vulnerabilit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for multiple packages is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.  This patch module is targeted for kernel-5.14.0-284.104.1.el9_2.\n\nSecurity Fix(es):\n\n* kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:16208",
        "url": "https://access.redhat.com/errata/RHSA-2026:16208"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2460538",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_16208.json"
      }
    ],
    "title": "Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_158_1 security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:35:19+00:00",
      "generator": {
        "date": "2026-05-14T22:35:19+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2026:16208",
      "initial_release_date": "2026-05-12T12:38:49+00:00",
      "revision_history": [
        {
          "date": "2026-05-12T12:38:49+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-05-12T12:38:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:35:19+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
                  "product_id": "BaseOS-9.2.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1@1-14.el9_2?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1@1-11.el9_2?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1@1-5.el9_2?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1@1-3.el9_2?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1@1-1.el9_2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1@1-14.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debugsource@1-14.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debuginfo@1-14.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1@1-11.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debugsource@1-11.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debuginfo@1-11.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1@1-5.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debugsource@1-5.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debuginfo@1-5.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1@1-3.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debugsource@1-3.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debuginfo@1-3.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1@1-1.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debugsource@1-1.el9_2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debuginfo@1-1.el9_2?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1@1-14.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debugsource@1-14.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debuginfo@1-14.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1@1-11.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debugsource@1-11.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debuginfo@1-11.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1@1-5.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debugsource@1-5.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debuginfo@1-5.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1@1-3.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debugsource@1-3.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debuginfo@1-3.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1@1-1.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debugsource@1-1.el9_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
                  "product_id": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debuginfo@1-1.el9_2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
          "product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64",
        "relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-31431",
      "cwe": {
        "id": "CWE-1288",
        "name": "Improper Validation of Consistency within Input"
      },
      "discovery_date": "2026-04-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2460538"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s algif_aead cryptographic algorithm interface. An incorrect \u0027in-place operation\u0027 was introduced, where the source and destination data mappings were different. This could lead to unexpected behavior or data integrity issues during cryptographic operations, potentially impacting the reliability of encrypted communications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: crypto: algif_aead - Revert to operating out-of-place",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This local privilege escalation is rated as Important severity. Part of the Linux kernel\u0027s cryptographic interface contains an incorrect in-place operation, where source and destination data mappings differ. This could lead to data integrity issues, including the escalation to root privileges.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
          "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "RHBZ#2460538",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
        },
        {
          "category": "external",
          "summary": "RHSB-2026-002",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-002"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-31431",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/articles/7141989",
          "url": "https://access.redhat.com/articles/7141989"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7141931",
          "url": "https://access.redhat.com/solutions/7141931"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7141979",
          "url": "https://access.redhat.com/solutions/7141979"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7141990",
          "url": "https://access.redhat.com/solutions/7141990"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7141996",
          "url": "https://access.redhat.com/solutions/7141996"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7142032",
          "url": "https://access.redhat.com/solutions/7142032"
        },
        {
          "category": "external",
          "summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel",
          "url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2026-04-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-05-12T12:38:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:16208"
        },
        {
          "category": "workaround",
          "details": "See the security bulletin for a detailed mitigation procedure.",
          "product_ids": [
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-14.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-11.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-5.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-3.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.src",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-1.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-1.el9_2.x86_64",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.ppc64le",
            "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-1.el9_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2026-05-01T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: crypto: algif_aead - Revert to operating out-of-place"
    }
  ]
}

CVE-2026-31431 (GCVE-0-2026-31431)

Vulnerability from cvelistv5 – Published: 2026-04-22 08:15 – Updated: 2026-05-12 12:09

Title

crypto: algif_aead - Revert to operating out-of-place

Summary

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-669 - Incorrect Resource Transfer Between Spheres

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/893d22e0135fa394d…
https://git.kernel.org/stable/c/19d43105a97be0810…
https://git.kernel.org/stable/c/961cfa271a918ad4a…
https://git.kernel.org/stable/c/3115af9644c342b35…
https://git.kernel.org/stable/c/8b88d99341f139e23…
https://git.kernel.org/stable/c/fafe0fa2995a0f707…
https://git.kernel.org/stable/c/ce42ee423e58dffa5…
https://git.kernel.org/stable/c/a664bf3d603dc3bdc…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 893d22e0135fa394db81df88697fba6032747667 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 19d43105a97be0810edbda875f2cd03f30dc130c (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 961cfa271a918ad4ae452420e7c303149002875b (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 3115af9644c342b356f3f07a4dd1c8905cd9a6fc (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 8b88d99341f139e23bdeb1027a2a3ae10d341d82 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < ce42ee423e58dffa5ec03524054c9d8bfd4f6237 (git) Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 (git)
Linux	Linux	Affected: 4.14 Unaffected: 0 , < 4.14 (semver) Unaffected: 5.10.254 , ≤ 5.10.* (semver) Unaffected: 5.15.204 , ≤ 5.15.* (semver) Unaffected: 6.1.170 , ≤ 6.1.* (semver) Unaffected: 6.6.137 , ≤ 6.6.* (semver) Unaffected: 6.12.85 , ≤ 6.12.* (semver) Unaffected: 6.18.22 , ≤ 6.18.* (semver) Unaffected: 6.19.12 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-31431",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-29T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-05-01",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-669",
                "description": "CWE-669 Incorrect Resource Transfer Between Spheres",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-02T03:55:23.146Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/theori-io/copy-fail-CVE-2026-31431"
          },
          {
            "tags": [
              "mitigation"
            ],
            "url": "https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"
          },
          {
            "tags": [
              "mitigation"
            ],
            "url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"
          },
          {
            "tags": [
              "mitigation"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation"
          },
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-01T00:00:00.000Z",
            "value": "CVE-2026-31431 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-05-08T20:21:41.291Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/29/23"
          },
          {
            "url": "https://copy.fail"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/29/25"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/29/26"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/11"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/15"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/16"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/17"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/18"
          },
          {
            "url": "https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/30/20"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/3"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/15"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/16"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/17"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/18"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/22"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/23"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/24"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/4"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/7"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/8"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/15"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/16"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/17"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/18"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/19"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/20"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/21"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/23"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/24"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/02/25"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/3"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/4"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/03/13"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/11"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/13"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/8"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/9"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/24"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/27"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/28"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/29"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/04/31"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/06/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/07/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/07/12"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/08/13"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/260001"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T12:09:03.910Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "crypto/af_alg.c",
            "crypto/algif_aead.c",
            "crypto/algif_skcipher.c",
            "include/crypto/if_alg.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "893d22e0135fa394db81df88697fba6032747667",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "19d43105a97be0810edbda875f2cd03f30dc130c",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "961cfa271a918ad4ae452420e7c303149002875b",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "3115af9644c342b356f3f07a4dd1c8905cd9a6fc",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "8b88d99341f139e23bdeb1027a2a3ae10d341d82",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "ce42ee423e58dffa5ec03524054c9d8bfd4f6237",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            },
            {
              "lessThan": "a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5",
              "status": "affected",
              "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "crypto/af_alg.c",
            "crypto/algif_aead.c",
            "crypto/algif_skcipher.c",
            "include/crypto/if_alg.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.14"
            },
            {
              "lessThan": "4.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.204",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.170",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.137",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.85",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.254",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.204",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.170",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.137",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.85",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.22",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.12",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T22:08:34.612Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667"
        },
        {
          "url": "https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c"
        },
        {
          "url": "https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b"
        },
        {
          "url": "https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82"
        },
        {
          "url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
        },
        {
          "url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
        }
      ],
      "title": "crypto: algif_aead - Revert to operating out-of-place",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-31431",
    "datePublished": "2026-04-22T08:15:10.123Z",
    "dateReserved": "2026-03-09T15:48:24.089Z",
    "dateUpdated": "2026-05-12T12:09:03.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2026:16208

CVE-2026-31431 (GCVE-0-2026-31431)

Tags

Sightings

Nomenclature