Skip to content

removed CVE-2026-31431 from the resolved list #1017

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Chr1st0ph3rTurn3r merged 1 commit into from
May 15, 2026
Merged

removed CVE-2026-31431 from the resolved list #1017

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion docs/release_notes_128t_6.2.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ Before upgrading please review the [**Upgrade Considerations**](intro_upgrade_co

### Resolved Issues

- **The following CVEs have been identified and resolved in this release:** CVE-2018-10906, CVE-2018-14468, CVE-2021-28651, CVE-2021-47670, CVE-2022-49985, CVE-2022-50087, CVE-2022-50228, CVE-2022-50367, CVE-2022-50386, CVE-2022-50543, CVE-2023-31484, CVE-2023-53125, CVE-2023-53178, CVE-2023-53226, CVE-2023-53257, CVE-2023-53297, CVE-2023-53305, CVE-2023-53386, CVE-2023-53401, CVE-2023-53513, CVE-2023-53539, CVE-2024-12087, CVE-2024-28956, CVE-2024-56326, CVE-2024-56644, CVE-2025-8194, CVE-2025-9230, CVE-2025-11561, CVE-2025-12084, CVE-2025-13601, CVE-2025-13699, CVE-2025-21727, CVE-2025-21759, CVE-2025-22026, CVE-2025-22058, CVE-2025-22097, CVE-2025-32415, CVE-2025-32462, CVE-2025-37797, CVE-2025-37914, CVE-2025-38085, CVE-2025-38159, CVE-2025-38200, CVE-2025-38211, CVE-2025-38250, CVE-2025-38332, CVE-2025-38350, CVE-2025-38352, CVE-2025-38380, CVE-2025-38392, CVE-2025-38449, CVE-2025-38461, CVE-2025-38464, CVE-2025-38477, CVE-2025-38498, CVE-2025-38527, CVE-2025-38556, CVE-2025-38718, CVE-2025-38724, CVE-2025-39697, CVE-2025-39718, CVE-2025-39730, CVE-2025-39817, CVE-2025-39825, CVE-2025-39841, CVE-2025-39849, CVE-2025-39864, CVE-2025-39883, CVE-2025-39898, CVE-2025-39955, CVE-2025-39971, CVE-2025-40300, CVE-2025-40778, CVE-2025-47273, CVE-2025-53057, CVE-2025-53066, CVE-2025-54389, CVE-2025-54574, CVE-2025-58060, CVE-2025-62168, CVE-2025-64720, CVE-2025-68160, CVE-2025-68615, CVE-2025-68973, CVE-2025-69421, CVE-2026-22796, CVE-2026-31431, CVE-2026-41242.
- **The following CVEs have been identified and resolved in this release:** CVE-2018-10906, CVE-2018-14468, CVE-2021-28651, CVE-2021-47670, CVE-2022-49985, CVE-2022-50087, CVE-2022-50228, CVE-2022-50367, CVE-2022-50386, CVE-2022-50543, CVE-2023-31484, CVE-2023-53125, CVE-2023-53178, CVE-2023-53226, CVE-2023-53257, CVE-2023-53297, CVE-2023-53305, CVE-2023-53386, CVE-2023-53401, CVE-2023-53513, CVE-2023-53539, CVE-2024-12087, CVE-2024-28956, CVE-2024-56326, CVE-2024-56644, CVE-2025-8194, CVE-2025-9230, CVE-2025-11561, CVE-2025-12084, CVE-2025-13601, CVE-2025-13699, CVE-2025-21727, CVE-2025-21759, CVE-2025-22026, CVE-2025-22058, CVE-2025-22097, CVE-2025-32415, CVE-2025-32462, CVE-2025-37797, CVE-2025-37914, CVE-2025-38085, CVE-2025-38159, CVE-2025-38200, CVE-2025-38211, CVE-2025-38250, CVE-2025-38332, CVE-2025-38350, CVE-2025-38352, CVE-2025-38380, CVE-2025-38392, CVE-2025-38449, CVE-2025-38461, CVE-2025-38464, CVE-2025-38477, CVE-2025-38498, CVE-2025-38527, CVE-2025-38556, CVE-2025-38718, CVE-2025-38724, CVE-2025-39697, CVE-2025-39718, CVE-2025-39730, CVE-2025-39817, CVE-2025-39825, CVE-2025-39841, CVE-2025-39849, CVE-2025-39864, CVE-2025-39883, CVE-2025-39898, CVE-2025-39955, CVE-2025-39971, CVE-2025-40300, CVE-2025-40778, CVE-2025-47273, CVE-2025-53057, CVE-2025-53066, CVE-2025-54389, CVE-2025-54574, CVE-2025-58060, CVE-2025-62168, CVE-2025-64720, CVE-2025-68160, CVE-2025-68615, CVE-2025-68973, CVE-2025-69421, CVE-2026-22796, CVE-2026-41242.
------
- **I95-60545 Attempting network interface lookup with invalid ID:** Resolved an issue where errors due to an invalid ID were flooding the logs. Error logs in highway regarding a failed interface lookup for an invalid interface are now suppressed.
------
Expand Down Expand Up @@ -122,6 +122,10 @@ Before upgrading please review the [**Upgrade Considerations**](intro_upgrade_co
------
- **WAN-4466 LTE interface incorrect graphing and interface behavior:** Resolved an issue where LTE interfaces with no signal were incorrectly reporting RX traffic in interface graphs, despite the WAN path being down and the SIM card not being connected to the carrier network.

### Caveats

- **I95-65077 Mitigation for CVE-2026-31431:** CVE-2026-31431 has been mitigated in this release and will be fully resolved in an upcoming release.
Copy link
Copy Markdown
Contributor

@MichaelBaj MichaelBaj May 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this information here because CVE-2026-31431 (CopyFail) will still show up in a vulnerability scan?

Copy link
Copy Markdown

@iwbarker iwbarker May 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Because the CVE is linked to the kernel version, scanners are not going to know that we mitigated the vulnerability in the boot parameters. Attempting to head off any customer confusion.


## Release 6.2.10-10-lts

**Release Date:** December 18, 2025
Expand Down