Impact Evaluation of CVE‑2026‑31431 ("Copy Fail") of VMware by Broadcom product portfolio
Article ID: 439189
Updated On:
Products
Issue/Introduction
A high-severity local privilege escalation (LPE) vulnerability, designated as CVE-2026-31431 (commonly referred to as "Copy Fail", rated with Base Score 7.8 by kernel.org), has been publicly disclosed on April 22, 2026 affecting the Linux kernel. This vulnerability allows an unprivileged local attacker to trigger a deterministic, controlled memory write into the page cache. Successful exploitation on affected Linux kernels results in unauthorized escalation to root privileges and can facilitate cross-container impacts or container escape scenarios in shared environments.
Environment
VMware Photon OS
VMware vSphere Kubernetes Service
VMware vCenter Server
VMware ESXi
VMware SDDC Manager
VMware Aria Suite
VMware NSX
VMware vCloud
Telco Cloud Automation
Cause
The vulnerability is caused by a logic flaw within the algif_aead Linux kernel module of the AF_ALG (userspace crypto API) in the Linux kernel's cryptographic subsystem. Due to an improper memory handling optimization introduced in 2017, an attacker can corrupt the in-memory cache of privileged binaries (such as setuid binaries) without altering the physical file on disk and gain root privileges.
For a successful exploitation, an attacker requires network and authenticated access to the relevant system. As per today, this vulnerability can not be exploited remotely or without previously being successfully authenticated to the system in question.
Resolution
| Product | Exploitable/Fixed in | Notes |
| VMware ESXi | No | VMware ESXi is not based on Linux, and hence is not affected. |
| VMware Photon OS | No | Photon OS does not utilize the algif_aead kernel module, and hence is not affected. |
| VMware vCenter Server | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware vSphere Kubernetes Service - Supervisor | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware Tanzu Kubernetes Release - Photon OS Images | No | Photon OS is not affected. |
| VMware Tanzu Kubernetes Release - Ubuntu Images | Refer to KB 439866 | Virtual Appliance is based on Ubuntu OS (22.04 and 24.04) |
| VMware SDDC Manager | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware NSX | No |
|
| VMware Aria Operations | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware Aria Operations for Logs | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware Aria Automation | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware Aria Automation Orchestrator | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware Aria Suite Lifecycle Manager | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware vCloud Director | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware vCloud Usage Meter | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware vSphere Replication | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| VMware Live Site Recovery | No | Virtual Appliance is based on Photon OS, and hence is not affected. |
| Telco Cloud Automation | No | TCA Manager and TCA Control Plane virtual Appliances are based on Photon OS, and hence are not affected. |
Latest update: 2026-05-20 11:00 UTC.
Should you require further information or support, contact Broadcom Support.
To be notified on any changes, subscribe to this knowledge base article.
Feedback
