USN-8392-1

Details

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431)

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43284, CVE-2026-43500)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

Cryptographic API;
Packet sockets;
RDS protocol;
TLS protocol; (CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078, CVE-2026-43494, CVE-2026-46028)

Affected Packages

linux-aws-5.4

Ubuntu Pro 18.04 LTS

Fixed in:

5.4.0-1160.170~18.04.1

linux-hwe-5.4

Ubuntu Pro 18.04 LTS

Fixed in:

5.4.0-231.251~18.04.1

References

REPORT

https://ubuntu.com/security/CVE-2026-31431