What is CVE-2026-31554?

CVE-2026-31554 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-04-24.

How severe is CVE-2026-31554?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Linux

CVE-2026-31554

In the Linux kernel, the following vulnerability has been resolved: futex: Require sys_futex_requeue() to have identical flags Nicholas reported that his LLM found it was possible to create a UaF when sys_futex_requeue() is used with dif…

EPSS: 0.000 (1.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Linux — versions 0f4b5f972216782a4acb1ae00dcb55173847c2ff, 6.7, 0

References

git.kernel.org/stable/c/027145ace09fad4c7cbcd6c61fe9b429c63eb0e5
git.kernel.org/stable/c/18b7d09c2b794c71d4252f3ea2cf84ad12b73d6a
git.kernel.org/stable/c/e2f78c7ec1655fedd945366151ba54fcb9580508
git.kernel.org/stable/c/19f94b39058681dec64a10ebeb6f23fe7fc3f77a

Frequently asked questions

What is CVE-2026-31554?: CVE-2026-31554 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-04-24.
How severe is CVE-2026-31554?: High severity. CVSS v3 base score is 7.8 out of 10.