CVE-2026-31431

Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation. Vendor/Product: Linux Kernel. Added to CISA KEV 2026-05-01; required action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.