CVE-2026-31431 is a Linux kernel vulnerability that was recently
disclosed.This CVE does not compromise Docker infrastructure. That
said, Docker Engine’s default profiles prior to v29.4.3 allowed
containers to create AF_ALG sockets, which is the syscall surface
the exploit uses.You are not exposed if you are running
Docker Engine v29.4.3 or later, OR a patched host kernel.
If either of those is missing, you have exposure on that host, and
you should read the rest of this post. As of writing, the kernel
CVE-2026-31431 is a Linux kernel vulnerability that was recently
disclosed.This CVE does not compromise Docker infrastructure. That
said, Docker Engine’s default profiles prior to v29.4.3 allowed
containers to create AF_ALG sockets, which is the syscall surface
the exploit uses.You are not exposed if you are running
Docker Engine v29.4.3 or later, OR a patched host kernel.
If either of those is missing, you have exposure on that host, and
you should read the rest of this post. As of writing, the kernel