CVE-2026-31786

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A buffer overflow exists in the drivers/xen/sys-hypervisor.c file. The build ID returned by the HYPERVISOR xen version(XENVER build id) function is not a string and lacks NUL termination. Consequently, the sprintf() function in buildid show() continues reading and copying data until a NUL character is encountered, leading to a buffer overflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.