cve detail

CVE-2026-31431

naam

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

KEV

bekend misbruikt

EPSS

4,1%

percentiel

89%

vendor

Linux

product

Kernel

toegevoegd aan KEV

01 mei 2026

due date

15 mei 2026

ransomware

Unknown

CWE

CWE-669

EPSS datum

12 mei 2026

aanbevolen actie

"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

notities

https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431