
CHASEDAFNIS58046 (Customer) asked a question.

@CHASEDAFNIS58046 (Customer) ,
CVE-2026-31431 is a local-only issue that can be exploited only by an authenticated appliance administrator (rsaadmin), who already has root-level access by design. As a result, the CVE does not introduce additional risk or expand the attack surface. Given the lack of security impact, RSA does not plan to release a patch for this issue at this time, but we will continue to monitor and reassess if the risk profile changes.
ETA: Please check our response to this CVE with regard to the RSA-2026-07 RSA Identity Router Security Update for Third Party Component Vulnerabilities released earlier on 14 May 2026.

SUSE says that the CVE-2026-31431 Copy Fail vulnerability affects almost all major Linux distributions with Linux kernels 4.14 and newer, released since 2017, inclusive of: SLES 15 (all service packs).
Note: RSA AM 8.9 uses SLES-15 SP4 and AM 8.10 due later this year will use SLES-15 SP7.
There is a work-around, but that would not be 'supported' by RSA as you would be modifying the system and the effects would be unknown, so there would be some risk there, more risk than the vulnerability itself to AM.
SUSE resolution:
Update May 3rd 2026: SUSE has released updates for all maintained SUSE Linux Enterprise and openSUSE Leap distributions.
https://www.suse.com/c/suse-responds-to-the-copy-fail-vulnerability/
RSA would include this SUSE fix at some point in AM 8.10, and possibly in AM 8.9.
But again, as Erica stated, there is no additional risk to the AM appliance from CVE-2026-31431.

Note: IDR will also be updated to address CVE-2026-31431.
Affected Products: RSA Identity Router: 12.24.x or earlier
Third-party components are updated for the following vulnerabilities:
• CVE ID: CVE-2026-31431
• CVSS Score: 7.8
• Vulnerability Type: Local Privilege Escalation
• Component: Linux Kernel (AF_ALG / algif_aead)
Recommendation: RSA recommends that all customers upgrade to the fixed appliance release versions at the earliest opportunity. If the Identity Router is already running version 12.24.x, the Identity Router status in the Cloud Administration Console does not change to Update Available for this security update.
Customers can still upgrade the Identity Router to the fixed version by following the instructions in Update Identity Router Software.
OK, found out AM 8.9 P2 will include a fix for CVE-2026-31431.