About CVE-2026-31431 ("Copy Fail") on Alpine

Camelia Lavender <cam@camelia.dev>

Details

Message ID: <59b399b4-7ae8-4bc5-b2c1-d346235ec796@camelia.dev>
DKIM signature: missing

Hi everyone,

While applying mitigation recommendations for CVE-2026-31431 on several 
machines, I noticed that I wasn't able to run the exploit on Alpine 
systems, even after enabling the algif_aead module.

Did I miss something while trying to run the exploit on my test machine 
(I got a permission error, specifically) or is there something that 
prevents Alpine from being affected? I tried with other setuid binaries, 
such as doas, but did not get results either.

-- 
Sincerely,

Camelia Lavender (she/they)
PGP: 0xDBCC70EFBC360E97

palisade <palisade@riseup.net>

Details

Message ID: <DI6PM7O0BZ8B.22T1X4I2R1I5X@riseup.net>
In-Reply-To: <59b399b4-7ae8-4bc5-b2c1-d346235ec796@camelia.dev> (view parent)
DKIM signature: missing

Download raw message

a day ago

see:

https://github.com/theori-io/copy-fail-CVE-2026-31431/issues/4

On Thu Apr 30, 2026 at 5:37 PM UTC, Camelia Lavender wrote:
> Hi everyone,
>
> While applying mitigation recommendations for CVE-2026-31431 on several 
> machines, I noticed that I wasn't able to run the exploit on Alpine 
> systems, even after enabling the algif_aead module.
>
> Did I miss something while trying to run the exploit on my test machine 
> (I got a permission error, specifically) or is there something that 
> prevents Alpine from being affected? I tried with other setuid binaries, 
> such as doas, but did not get results either.

~alpine/users

About CVE-2026-31431 ("Copy Fail") on Alpine