cve-2026-31431.c (928B)
1 #include <linux/if_alg.h> 2 #include <stdio.h> 3 #include <string.h> 4 #include <sys/socket.h> 5 #include <unistd.h> 6 7 #include "setup.h" 8 9 int detector_cve_2026_31431(int num) { 10 int fd = socket(AF_ALG, SOCK_SEQPACKET, 0); 11 if (fd < 0) { 12 perror("socket"); 13 return 0; 14 } 15 16 struct sockaddr_alg sa; 17 memset(&sa, 0, sizeof(sa)); 18 sa.salg_family = AF_ALG; 19 20 strcpy((char *)sa.salg_type, "aead"); 21 strcpy((char *)sa.salg_name, "authencesn(hmac(sha256),cbc(aes))"); 22 23 if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) { 24 return 0; 25 } 26 27 return 1; 28 } 29 30 __attribute__((constructor)) void detector_cve_2026_31431_setup() { 31 detector_queue_append("CVE-2026-31431", 32 "Add 'initcall_blacklist=algif_aead_init' to the Linux kernel cmdline.\n For GRUB, add it to " 33 "GRUB_CMDLINE_LINUX in /etc/default/grub and run update-grub.", 34 detector_cve_2026_31431); 35 }