[Reproduction] Linux Kernel Universal Vulnerability Copy Fail (CVE-2026-31431)

Published: 2026-04-30

Vulnerability Description


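Copy Fail (CVE-2026-31431) is a logic flaw in the authencesn crypto template of the Linux kernel. It allows a low-privileged local user to perform a deterministic, controllable 4-byte write into the page cache of any readable file on the system. With nothing more than a 732-byte Python script, an attacker can tamper with a setuid privileged binary and achieve local privilege escalation on the vast majority of Linux distributions released since 2017, obtaining root privileges directly. The vulnerability has a CVSS score of 7.8 and is rated High.

Compared with classic Linux local privilege escalation vulnerabilities such as Dirty Cow and Dirty Pipe, the biggest advantage of Copy Fail is that it does not depend on a race condition, so exploitation has a higher success rate and is more stable. The vulnerability also covers a wider range of systems and affects almost all Linux distributions.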


Affected Scope


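- Linux Kernel 4.14 and later, up to all versions released before the patch (4.14 - 6.x series)

- Mainstream distributions such as Ubuntu, Amazon Linux, RHEL, and SUSE

- Container environments (the official disclosure states that container escape may be possible)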


How the Vulnerability Works


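Commit 72548b093ee3, submitted in 2017, introduced an in-place optimization for AEAD (authenticated encryption with associated data) operations in algif_aead.c. In the decryption path, the kernel copies the AAD and ciphertext data from the TX SGL into the RX buffer and links the tag pages by reference via sg_chain(). It then sets req->src = req->dst, so that pages which originally came from the file page cache (passed in via splice) end up in the writable destination scatterlist (Destination SGL).


In crypto_authenc_esn_decrypt(), the decryption function of the authencesn template, when src and dst are treated as the same in-place buffer, the function writes 4 bytes into the tag region. This write, however, happens before the tag check: even if the request later returns -EBADMSG because authentication tag verification fails, the 4 bytes in the file's cached page have already been modified. The vulnerability allows a local low-privileged user to write controllable data into the page cache of any readable file, overwriting 4 bytes per request; through repeated requests the contents of read-only or setuid programs can be tampered with, leading to local privilege escalation or code execution.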


Vulnerability Reproduction


[Image: 图片.png]


Security Recommendations


(1) Permanent fix

Update the kernel to a version that includes commit a664bf3d603d.

https://github.com/torvalds/linux/commit/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5


(2) Temporary mitigation

Use seccomp to block the creation of AF_ALG sockets, or blacklist the algif_aead module:

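    # Make any attempt to load algif_aead run /bin/false instead
    echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif-aead.conf
    # Unload the module if it is currently loaded (errors are suppressed)
    rmmod algif_aead 2>/dev/null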
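To confirm that the temporary mitigation actually took effect, the following added example (not part of the original advisory) audits the module state on a host. The function name `audit_algif_aead`, its status words and its path parameters are assumptions made for illustration; the defaults point at the live system.

```shell
#!/bin/sh
# Added example, not from the advisory: audit the algif_aead mitigation.
# Function name, status words and parameters are illustrative assumptions.
#
# audit_algif_aead [proc_modules] [modules_builtin] [modprobe_dir]
# Prints one status word; returns 0 only when the mitigation holds.
audit_algif_aead() {
    proc_modules=${1:-/proc/modules}
    builtin_list=${2:-/lib/modules/$(uname -r)/modules.builtin}
    modprobe_dir=${3:-/etc/modprobe.d}

    # Compiled into the kernel image: an "install" rule cannot block it,
    # so only the seccomp option or a patched kernel helps.
    if [ -r "$builtin_list" ] && grep -q '/algif_aead\.ko' "$builtin_list"; then
        echo builtin; return 3
    fi
    # Still resident: the advisory's rmmod discards errors (2>/dev/null),
    # so a module that was in use at the time stays loaded.
    if [ -r "$proc_modules" ] && grep -q '^algif_aead ' "$proc_modules"; then
        echo loaded; return 2
    fi
    # No uncommented "install algif_aead /bin/false" rule in any .conf
    # file: the module can still be loaded on demand.
    if ! cat "$modprobe_dir"/*.conf 2>/dev/null |
        grep -Eq '^[[:space:]]*install[[:space:]]+algif_aead[[:space:]]+/bin/false([[:space:]]|$)'; then
        echo unblocked; return 1
    fi
    echo mitigated; return 0
}
```

Call `audit_algif_aead` with no arguments on the host being checked; any status other than `mitigated` means the modprobe rule alone is not protecting that system.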


References:

[1] https://xint.io/blog/copy-fail-linux-distributions

[2] https://copy.fail/



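mansion88明升 Active Defense Laboratory (ADLab)


Founded in 1999, ADLab is one of the earliest offensive and defensive technology research laboratories in China's security industry, a core member of the Microsoft MAPP program, and the first to put forward the "Black Sparrow attack" concept. To date, ADLab has published more than 7,000 security vulnerabilities through CNVD/CNNVD/NVDB/CVE, and continues to maintain a first-class standard in the international cybersecurity field. The lab's research areas cover fundamental security research, telecom operator infrastructure security, mobile device security, cloud security, Xinchuang (domestic IT innovation) security, IoT security, Internet of Vehicles security, industrial control security, data security, 5G security, AI security, satellite security, low-altitude security, advanced threat research, and attack-defense system construction. Its research results are applied to core product technology research, key national science and technology projects, professional security services, and more.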