CVE-2026-31697

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the crypto CCP module when retrieving the CPU ID. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the system may still attempt to copy the ID blob to userspace. This results in a slab-out-of-bounds read, where the number of bytes required by the firmware overflows the kernel-allocated buffer, potentially leaking kernel data to userspace. The issue is triggered within the sev ioctl do get id2() function during the execution of sev ioctl.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.