CVE-2026-31699

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the crypto CCP component when retrieving the PEK CSR. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the system may still attempt to copy the blob to userspace. This results in a slab-out-of-bounds read, where the number of bytes required by the firmware overflows the kernel-allocated buffer, potentially leaking sensitive kernel data to userspace. This occurs within the sev ioctl do pek csr() and sev ioctl() functions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.