Tiny Core Linux

Tiny Core Base => TCB Bugs => Topic started by: adb014 on May 04, 2026, 03:59:38 AM

Title: TC17 vulnerable to copy.fail (CVE-2026-31431)
Post by: adb014 on May 04, 2026, 03:59:38 AM

For information the kernel config of TC17 includes

CONFIG_CRYPTO_USER_API_AEAD=y

and so the kernel of of TC17 is vulnerable to copy.fail and blacklisting the modprobe of algif_aeqd as suggested in some remediation guides is not possible. The easiest fix for this would be to recompile the kernel with

CONFIG_CRYPTO_USER_API_AEAD=n

though a better fix would be to update the kernel to 6.18.22 or later, or backporting the kernel patch for 6.18.22 (https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 (https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8))

Title: Re: TC17 vulnerable to copy.fail (CVE-2026-31431)
Post by: Juanito on May 04, 2026, 04:37:00 AM

Does this boot code disable the module?

Code: [Select]

initcall_blacklist=algif_aead_init

Title: Re: TC17 vulnerable to copy.fail (CVE-2026-31431)
Post by: adb014 on May 04, 2026, 04:57:45 AM

According to https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches (https://blog.cloudlinux.com/cve-2026-31431-copy-fail-mitigation-and-patches) yes this will block the attack