CVE-2026-31698

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the crypto CCP module when retrieving the PDH certificate. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the system may still attempt to copy blobs to userspace. This can lead to a slab-out-of-bounds read, overflowing the kernel-allocated buffer and leaking sensitive data to userspace. The issue involves the sev ioctl do pdh export() and sev ioctl() functions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.