CVE-2026-31431: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

#linux #kernel #cybersecurity #vulnerability

CVE ID

CVE-2026-31431

Vulnerability Name

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

Project: Linux
Product: Kernel

Date

Date Added: 2026-05-01
Due Date: 2026-05-15

Description

Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/; https://xint.io/blog/copy-fail-linux-distributions#the-fix-6 ; https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-31431

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

DEV Community