Share
## https://sploitus.com/exploit?id=D4F4E293-4781-541E-8A7B-7AC546177A0D
# CVE-2026-31431 / Copy Fail Checker ๐Ÿ”’

Linux kernel vulnerability checker for the **algif_aead-based Copy Fail attack path**. Detects if your system is vulnerable and provides mitigation steps.

## Features
- Kernel version vulnerability range detection
- AF_ALG crypto module check
- Protection status (KPTI, SELinux, AppArmor)
- JSON output for automation
- Mitigation instructions

## Installation
```bash
git clone https://github.com/ridhinva/copyfail-checker.git
cd copyfail-checker
```

## Usage
```bash
python3 copyfail_checker.py              # Standard check
python3 copyfail_checker.py --json       # JSON output for automation
python3 copyfail_checker.py --fix        # Apply mitigations (root)
```

## Example
```bash
$ python3 copyfail_checker.py
[*] Checking kernel version...
[*] Checking AF_ALG module...
[*] Checking protections...

==================================================
RESULTS:

  [!!] kernel_version: Running kernel 6.5.0 - vulnerable range
  [!!] AF_ALG: AF_ALG crypto module enabled
  [OK] apparmor: AppArmor installed

  ==============================
  Potential issues: 2

  [!] RUNNING VULNERABLE KERNEL:
      1. apt update && apt upgrade linux-image
      2. echo 'blacklist algif_aead' > /etc/modprobe.d/algif.conf
      3. reboot
```

## References
- CVE-2026-31431: Linux kernel algif_aead vulnerability
- Upstream patch: [link]

## Author
@c_y_p_h3r