Summary
B&R is aware of publicly reported vulnerabilities affecting the Linux kernel versions shipped with the products listed as affected in the advisory. Successful local exploitation of these vulnerabilities could allow an attacker to escalate privileges on the affected system. Public proof-of-concept exploits are available for the vulnerabilities described herein. At the time of publication of this advisory, B&R had no evidence of active exploitation targeting B&R products.
The following B&R products and versions are affected:
- Linux for B&R <=12
- APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
- X20EDS410 /all
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.8 | B&R Industrial Automation GmbH | Impact of Linux Kernel vulnerabilities on B&R products | Incorrect Resource Transfer Between Spheres, Write-what-where Condition, Improper Privilege Management, Out-of-bounds Write, Multiple Releases of Same Resource or Handle |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Switzerland
Vulnerabilities
CVE-2026-31431
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place
This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
Affected Products
Impact of Linux Kernel vulnerabilities on B&R products
B&R Industrial Automation GmbH
- Linux for B&R <=12
- APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
- X20EDS410 /all
Remediations
Vendor fix
For affected products, software updates should be installed upon availability.

| Product | Patch version |
|---|---|
| APROL | APROL-AutoYaST-DVD- V4.4-010.10.260602 |

Until remediated software versions are available, customers are required to conduct a risk assessment of their affected systems and to implement the mitigation measures and workarounds specified in this advisory.
Mitigation
Successful exploitation of the vulnerabilities described in this advisory requires local access to the affected system with low-privileged user credentials. Customers are strongly advised to enforce strict access control policies on all Linux-based systems, ensuring that interactive access is granted exclusively to authorized and trusted personnel. This includes reviewing and hardening user account permissions and disabling unused accounts. Refer to section “General security recommendations” for further advice on how to keep your system secure.
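As an added example (not code from B&R or this advisory), the POSIX shell script below supports the account review described above and reports whether the algif_aead module named in CVE-2026-31431 is currently loaded. The functions read /etc/passwd-format and lsmod-format text from stdin; the sample data embedded in the script is constructed, and the live system is only inspected when the script is run with `--live`.

```shell
#!/bin/sh
# Added example (not part of the B&R advisory): two defender-side checks that
# support the account review in the mitigation above. Functions read stdin so
# they run against constructed samples as well as the live system.

# 1. List accounts with an interactive login shell as "user uid shell".
#    Input: /etc/passwd-format lines. Shells that are empty or end in
#    nologin or false are treated as non-interactive.
interactive_accounts() {
    awk -F: '$7 != "" && $7 !~ /(nologin|false)$/ { print $1, $3, $7 }'
}

# 2. Flag UID-0 accounts other than root: a second superuser login is a
#    common finding when reviewing and hardening account permissions.
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# 3. Report whether algif_aead (the module named in CVE-2026-31431) is
#    currently loaded, given lsmod-format input. Caveat: "absent" only means
#    not loaded now; the kernel can autoload it on demand unless module
#    loading is restricted, so treat this as an inventory check, not a fix.
algif_aead_status() {
    awk '$1 == "algif_aead" { found = 1 } END { print (found ? "loaded" : "absent") }'
}

# Constructed sample data (not taken from any real system).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/false
operator:x:1000:1000:Operator:/home/operator:/bin/sh
toor:x:0:0:second root:/root:/bin/sh'

SAMPLE_LSMOD='Module                  Size  Used by
algif_aead             16384  0
af_alg                 32768  1 algif_aead
xt_conntrack           16384  1'

if [ "${1:-}" = "--live" ]; then
    interactive_accounts < /etc/passwd
    extra_uid0_accounts < /etc/passwd
    lsmod | algif_aead_status
else
    echo "Interactive accounts:"; printf '%s\n' "$SAMPLE_PASSWD" | interactive_accounts
    echo "Extra UID-0 accounts:"; printf '%s\n' "$SAMPLE_PASSWD" | extra_uid0_accounts
    echo "algif_aead:"; printf '%s\n' "$SAMPLE_LSMOD" | algif_aead_status
fi
```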
Workaround
Security researchers have identified and validated the following workarounds to reduce exposure to the vulnerabilities described in this advisory. These measures do not remediate the underlying vulnerabilities but effectively block known attack vectors until patched software versions are deployed. Important: Customers are advised to thoroughly test their systems after applying any of the listed workarounds. B&R has no visibility into customer-specific applications running on the underlying Linux system. It is the customer’s responsibility to assess whether the applied workarounds interfere with existing application workloads prior to deployment in production environments. For Debian-based systems within an active support lifecycle, kernel patches addressing CVE-2026-31431 are already available via the
[…]