{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31543", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.114Z", "datePublished": "2026-04-24T14:33:12.163Z", "dateUpdated": "2026-05-11T22:10:48.645Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:10:48.645Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrash_dump: don't log dm-crypt key bytes in read_key_from_user_keying\n\nWhen debug logging is enabled, read_key_from_user_keying() logs the first\n8 bytes of the key payload and partially exposes the dm-crypt key. Stop\nlogging any key bytes."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/crash_dump_dm_crypt.c"], "versions": [{"version": "479e58549b0fa7e80f1e0b9e69e0a2a8e6711132", "lessThan": "4897bd307ba8757c31a3325ba6730961be606016", "status": "affected", "versionType": "git"}, {"version": "479e58549b0fa7e80f1e0b9e69e0a2a8e6711132", "lessThan": "ed8d91f469845d62d44c565a55d2ab1767969357", "status": "affected", "versionType": "git"}, {"version": "479e58549b0fa7e80f1e0b9e69e0a2a8e6711132", "lessThan": "36f46b0e36892eba08978eef7502ff3c94ddba77", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/crash_dump_dm_crypt.c"], "versions": [{"version": "6.16", "status": "affected"}, {"version": "0", "lessThan": "6.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.20", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.10", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.18.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.19.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4897bd307ba8757c31a3325ba6730961be606016"}, {"url": "https://git.kernel.org/stable/c/ed8d91f469845d62d44c565a55d2ab1767969357"}, {"url": "https://git.kernel.org/stable/c/36f46b0e36892eba08978eef7502ff3c94ddba77"}], "title": "crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C570CE1-BC61-4BE6-9393-FD0CA8637367", "versionEndExcluding": "6.18.20", "versionStartIncluding": "6.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "96D34333-38BE-4414-9E79-6EB764329581", "versionEndExcluding": "6.19.10", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrash_dump: don't log dm-crypt key bytes in read_key_from_user_keying\n\nWhen debug logging is enabled, read_key_from_user_keying() logs the first\n8 bytes of the key payload and partially exposes the dm-crypt key. Stop\nlogging any key bytes."}], "id": "CVE-2026-31543", "lastModified": "2026-04-28T18:46:51.353", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-24T15:16:28.350", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/36f46b0e36892eba08978eef7502ff3c94ddba77"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4897bd307ba8757c31a3325ba6730961be606016"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ed8d91f469845d62d44c565a55d2ab1767969357"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying", "id": "2461549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461549"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-215", "details": ["A flaw was found in the Linux kernel. When debug logging is enabled, the `read_key_from_user_keying` function logs the initial 8 bytes of the key payload. This action partially exposes the dm-crypt key, leading to information disclosure."], "name": "CVE-2026-31543", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31543\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31543\nhttps://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31543-803c@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[479e58549b0fa7e80f1e0b9e69e0a2a8e6711132,4897bd307ba8757c31a3325ba6730961be606016)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[479e58549b0fa7e80f1e0b9e69e0a2a8e6711132,ed8d91f469845d62d44c565a55d2ab1767969357)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[479e58549b0fa7e80f1e0b9e69e0a2a8e6711132,36f46b0e36892eba08978eef7502ff3c94ddba77)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.16"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.16)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.20,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.10,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-29T02:20:04.575931+00:00", "value": {"mitigation_remediation": ["Apply the upstream patch that removes logging of dm\u2011crypt key bytes", "Upgrade the system to a kernel release that incorporates this fix (e.g., recent Linux kernel 7.x updates)", "If the patch cannot be applied, rebuild or configure the kernel to disable kernel debug logging to prevent key exposure", "Restrict read access to kernel log files to limit the opportunity for an attacker to retrieve logged key bytes"], "summary": {"action": "Apply Patch", "impact": "Information Disclosure via Kernel Debug Logging"}, "threat_synthesis": {"affected_systems": "All Linux kernel builds containing the unpatched read_key_from_user_keying() function are affected, regardless of the distribution or vendor. The issue appears in the source code that was patched in the 7.0 releases. No specific version numbers are listed in the advisory, so any kernel version prior to the commit that removes the key logging is vulnerable.\n", "description_and_impact": "The flaw causes the kernel function read_key_from_user_keying() to write the first eight bytes of a dm\u2011crypt key to the debug trace whenever kernel debug logging is enabled. This results in the partial exposure of an otherwise protected encryption key, creating an information\u2011disclosure vulnerability classified as CWE\u2011215. The vulnerability does not impact application functionality directly but compromises the confidentiality of encrypted data stored by dm\u2011crypt by leaking key material.\n", "risk_and_exploitability": "The CVSS score of 5.5 indicates moderate severity. An EPSS score of less than 1% suggests that practical exploitation is unlikely to be widespread. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker must have the ability to enable kernel debug logging and read the resulting trace logs, which typically requires elevated or kernel\u2011level privileges.\n"}}}}, "created": "2026-04-27T19:15:11.625623+00:00", "updated": "2026-04-29T02:30:07.571703+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}