CVE-2026-31431: Linux Kernel Incorrect Resource Transfer Between Spheres

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability. Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

• CISA KEV-listed (remediation due 2026-05-15)
• EPSS 2.2% (84.8% percentile)

Related briefings

• Fortinet Checks Whether Its Security Tools Are Exposed to a Linux Kernel Flaw 2026-06-06
• New Linux Bug Lets Any Local User Become Root 2026-06-06

Browse the CVE database

Read the full analysis on IntelFusions