CVE-2026-31543

Source
https://cve.org/CVERecord?id=CVE-2026-31543
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31543.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31543
Downstream
Published
2026-04-24T14:33:12.163Z
Modified
2026-07-15T01:48:52.120699168Z
Summary
crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying
Details

In the Linux kernel, the following vulnerability has been resolved:

crashdump: don't log dm-crypt key bytes in readkeyfromuser_keying

When debug logging is enabled, readkeyfromuserkeying() logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31543.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
479e58549b0fa7e80f1e0b9e69e0a2a8e6711132
Fixed
4897bd307ba8757c31a3325ba6730961be606016
Fixed
ed8d91f469845d62d44c565a55d2ab1767969357
Fixed
36f46b0e36892eba08978eef7502ff3c94ddba77

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31543.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
6.18.20
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.10

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31543.json"