Share
## https://sploitus.com/exploit?id=D4F4E293-4781-541E-8A7B-7AC546177A0D
# CVE-2026-31431 / Copy Fail Checker ๐
Linux kernel vulnerability checker for the **algif_aead-based Copy Fail attack path**. Detects if your system is vulnerable and provides mitigation steps.
## Features
- Kernel version vulnerability range detection
- AF_ALG crypto module check
- Protection status (KPTI, SELinux, AppArmor)
- JSON output for automation
- Mitigation instructions
## Installation
```bash
git clone https://github.com/ridhinva/copyfail-checker.git
cd copyfail-checker
```
## Usage
```bash
python3 copyfail_checker.py # Standard check
python3 copyfail_checker.py --json # JSON output for automation
python3 copyfail_checker.py --fix # Apply mitigations (root)
```
## Example
```bash
$ python3 copyfail_checker.py
[*] Checking kernel version...
[*] Checking AF_ALG module...
[*] Checking protections...
==================================================
RESULTS:
[!!] kernel_version: Running kernel 6.5.0 - vulnerable range
[!!] AF_ALG: AF_ALG crypto module enabled
[OK] apparmor: AppArmor installed
==============================
Potential issues: 2
[!] RUNNING VULNERABLE KERNEL:
1. apt update && apt upgrade linux-image
2. echo 'blacklist algif_aead' > /etc/modprobe.d/algif.conf
3. reboot
```
## References
- CVE-2026-31431: Linux kernel algif_aead vulnerability
- Upstream patch: [link]
## Author
@c_y_p_h3r