CVE-2026-31431 - Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
Project:Linux
Product:Kernel
Date Added:2026-05-01Due Date:2026-05-15
Vulnerability Name
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
Description
Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/
https://xint.io/blog/copy-fail-linux-distributions#the-fix-6
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/about/
https://nvd.nist.gov/vuln/detail/CVE-2026-31431
Related News Articles
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight ModelsJune 9, 2026
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE VulnerabilityMay 19, 2026
Dirty Frag: Unpatched Linux vulnerability delivers root accessMay 8, 2026
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major DistributionsMay 8, 2026
CISA says ‘Copy Fail’ flaw now exploited to root Linux systemsMay 4, 2026