CVE ID
CVE-2026-31431
Vulnerability Name
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
- Project: Linux
- Product: Kernel
Date
- Date Added: 2026-05-01
- Due Date: 2026-05-15
Description
Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431
Related Security News
- Dirty Frag: Unpatched Linux vulnerability delivers root access
- Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
- CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
Top comments (0)