What is CVE-2026-31788?

CVE-2026-31788 is a high-severity vulnerability in Linux. CVSS score: 8.2/10. Published 2026-03-25.

How severe is CVE-2026-31788?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Linux

CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as a…

EPSS: 0.000 (5.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.

Affected products

Linux — versions 1c5de1939c204bde9cce87f4eb3d26e9f9eb732b, 2.6.37, 0

References

git.kernel.org/stable/c/4eb245ff0d33b618e097a2c23de5df56d4ad6969
git.kernel.org/stable/c/3ee5b9e3de4b8bdd74183d83205481c91a9effc8
git.kernel.org/stable/c/87a803edb2ded911cb587c53bff179d2a2ed2a28
git.kernel.org/stable/c/1879319d790f7d57622cdc22807b60ea78b56b6d
git.kernel.org/stable/c/78432d8f0372c71c518096395537fa12be7ff24e
git.kernel.org/stable/c/389bae9a4409934e8b8d4dbdaaf02a3ae71cf8e4
git.kernel.org/stable/c/cbede2e833da1893afbea9b3ff29b5dda23a4a91
git.kernel.org/stable/c/453b8fb68f3641fea970db88b7d9a153ed2a37e8

Frequently asked questions

What is CVE-2026-31788?: CVE-2026-31788 is a high-severity vulnerability in Linux. CVSS score: 8.2/10. Published 2026-03-25.
How severe is CVE-2026-31788?: High severity. CVSS v3 base score is 8.2 out of 10.