Share
## https://sploitus.com/exploit?id=5BA1D41F-8859-5721-816A-1108576D7D16
# CVE-2026-31431 - AF_ALG AEAD Splice UAF PoC
Multi-language implementation and compatibility with older versions of Python.
## C (`exploit.c`)
```bash
gcc -o exploit exploit.c -O2
gcc -o exploit exploit.c -static -O2
./exploit
```
Tested on Ubuntu 20.04:

## Python (`exploit-python3-8-10.py`)
Compatible with Python 3.8.10 and older. Compat notes:
- `os.splice()` requires 3.10+ โ uses `ctypes` to call libc `splice()` directly
- `setsockopt(..., None, 4)` raises `TypeError` on 3.8 โ uses integer form
- Payload stored as `zlib`-compressed hex
```bash
python3 exploit-python3-8-10.py
```
Tested on Ubuntu 20.04 / Python 3.8.10:

## Disclaimer
For authorized security research and testing only.