CVE DATABASE / CVE-2026-31431
CVE-2026-31431
Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
⚠ CISA KEV — ACTIVELY EXPLOITED
On the CISA KEV catalog
Confirmed exploited in the wild. Added 2026-05-01.
Federal remediation due 2026-05-15.
Required action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Summary
Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
Our coverage
- Dirty Frag: Public Root Exploit Hits All Major Linux Distros, Partial Patch Only
- Dirty Frag: CVE-2026-43284 and CVE-2026-43500 Grant Root Access Across All Major Linux Distros
- Metasploit Adds ARMLE Support to CVE-2026-31431 Copy Fail Linux Root Exploit
- CVE-2026-31431 Linux Privilege Escalation Detection: Copy Fail Patch Verification Checklist
- Basic Linux commands and their functions
Data: NIST NVD + CISA KEV. Always verify against the vendor advisory before acting.