[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-31697":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":34,"related":35,"reserved_at":9,"published_at":39,"modified_at":40,"state":41,"summary":42,"references_raw":51,"kevs":86,"epss":87,"epss_history":90,"metrics":189,"affected":197},"CVE-2026-31697","In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don't attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don't attempt to copy the ID blob to\nuserspace if the firmware command failed.  If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n  BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n  BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n  BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n  Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n  CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G     U     O        7.0.0-smp-DEV #28 PREEMPTLAZY\n  Tainted: [U]=USER, [O]=OOT_MODULE\n  Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n  Call Trace:\n   \u003CTASK>\n   dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n   print_address_description ../mm/kasan/report.c:378 [inline]\n   print_report+0xbc/0x260 ../mm/kasan/report.c:482\n   kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n   check_region_inline ../mm/kasan/generic.c:-1 [inline]\n   kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n   instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n   _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n   _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n   copy_to_user ../include/linux/uaccess.h:236 [inline]\n   sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n   sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n   vfs_ioctl ../fs/ioctl.c:51 [inline]\n   __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n   __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n   do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n   do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n   entry_SYSCALL_64_after_hwframe+0x76/0x7e\n   \u003C/TASK>\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],[],[],[],[24,26,28,30,32],{"_key":25},"MGASA-2026-0108",{"_key":27},"MGASA-2026-0110",{"_key":29},"DEBIAN-CVE-2026-31697",{"_key":31},"OPENSUSE-SU-2026:10793-1",{"_key":33},"UBUNTU-CVE-2026-31697",[],[36,37],{"_key":31},{"_key":38},"CGA-QHW7-X44W-R5HG","2026-05-01T13:55:58.184Z","2026-06-01T16:13:35.690Z","Modified",{"cisa_kev":43,"cisa_ransomware":43,"cisa_vendor":9,"epss_severity":44,"epss_score":45,"severity":46,"severity_score":47,"severity_version":48,"severity_source":49,"severity_vector":50,"severity_status":41},false,"low",0.00015,"high",7.1,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",[52,58,62,66,70,74,78,82],{"url":53,"sources":54,"tags":56},"https://git.kernel.org/stable/c/09427bcb1715fb20a80b6acd5156dbf15ab5c363",[49,55],"nvd",[57],"Patch",{"url":59,"sources":60,"tags":61},"https://git.kernel.org/stable/c/1fbac0429a42adec830491757a2b53956dd797ea",[49,55],[57],{"url":63,"sources":64,"tags":65},"https://git.kernel.org/stable/c/2937f17bbeefb8e7608ff1f78cffbeb3d0281e5e",[49,55],[57],{"url":67,"sources":68,"tags":69},"https://git.kernel.org/stable/c/06f06d88c05ce176c61fff8c72c372847b0dd2b5",[49,55],[57],{"url":71,"sources":72,"tags":73},"https://git.kernel.org/stable/c/4f685dbfa87c546e51d9dc6cab379d20f275e114",[49,55],[57],{"url":75,"sources":76,"tags":77},"https://git.kernel.org/stable/c/99bae2e3c3f9ba8f854c938ed2c811b6a63b28e4",[49,55],[],{"url":79,"sources":80,"tags":81},"https://git.kernel.org/stable/c/a21ae9f8769e5f75433bb0a85ac3868b2100ef5b",[49,55],[],{"url":83,"sources":84,"tags":85},"https://git.kernel.org/stable/c/0f1f2f9894893dc8a28af1b9e9dbc0abf453eb52",[49,55],[],[],{"date":88,"score":45,"percentile":89},"2026-06-04",0.0355,[91,95,99,102,104,107,111,114,117,120,122,124,127,130,133,136,139,141,144,147,150,153,156,159,162,165,168,171,174,177,180,183,186,188],{"date":92,"score":93,"percentile":94},"2026-05-02",0.00018,0.04852,{"date":96,"score":97,"percentile":98},"2026-05-03",0.00012,0.01739,{"date":100,"score":97,"percentile":101},"2026-05-04",0.01737,{"date":103,"score":97,"percentile":101},"2026-05-05",{"date":105,"score":97,"percentile":106},"2026-05-06",0.01725,{"date":108,"score":109,"percentile":110},"2026-05-07",0.00013,0.02363,{"date":112,"score":109,"percentile":113},"2026-05-08",0.02376,{"date":115,"score":109,"percentile":116},"2026-05-09",0.02403,{"date":118,"score":109,"percentile":119},"2026-05-10",0.02399,{"date":121,"score":109,"percentile":119},"2026-05-11",{"date":123,"score":109,"percentile":119},"2026-05-12",{"date":125,"score":109,"percentile":126},"2026-05-13",0.02411,{"date":128,"score":109,"percentile":129},"2026-05-14",0.02424,{"date":131,"score":109,"percentile":132},"2026-05-15",0.02432,{"date":134,"score":109,"percentile":135},"2026-05-16",0.02446,{"date":137,"score":109,"percentile":138},"2026-05-17",0.02443,{"date":140,"score":109,"percentile":129},"2026-05-18",{"date":142,"score":109,"percentile":143},"2026-05-19",0.0241,{"date":145,"score":109,"percentile":146},"2026-05-20",0.02406,{"date":148,"score":109,"percentile":149},"2026-05-21",0.02389,{"date":151,"score":109,"percentile":152},"2026-05-22",0.02535,{"date":154,"score":109,"percentile":155},"2026-05-23",0.02529,{"date":157,"score":109,"percentile":158},"2026-05-24",0.025,{"date":160,"score":109,"percentile":161},"2026-05-25",0.02486,{"date":163,"score":109,"percentile":164},"2026-05-26",0.02454,{"date":166,"score":109,"percentile":167},"2026-05-27",0.02473,{"date":169,"score":109,"percentile":170},"2026-05-28",0.02465,{"date":172,"score":109,"percentile":173},"2026-05-29",0.02472,{"date":175,"score":109,"percentile":176},"2026-05-30",0.02495,{"date":178,"score":109,"percentile":179},"2026-05-31",0.02488,{"date":181,"score":109,"percentile":182},"2026-06-01",0.02474,{"date":184,"score":45,"percentile":185},"2026-06-02",0.03562,{"date":187,"score":45,"percentile":89},"2026-06-03",{"date":88,"score":45,"percentile":89},[190,195],{"source":49,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":191,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":192,"vectorString":50,"impactScore":193,"exploitabilityScore":194},"HIGH",8.7,4.6,{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":196,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":192,"vectorString":50,"impactScore":193,"exploitabilityScore":194},[198,233],{"ecosystem":9,"name":199,"vendor":200,"product":200,"cpe_part":201,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":202},"Linux","linux","a",[203,210,213,216,219,222,225,228,231],{"version":204,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":208,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 99bae2e3c3f9ba8f854c938ed2c811b6a63b28e4",true,"d6112ea0cb344d6f5ed519991e24f69ba4b43d0e","including","99bae2e3c3f9ba8f854c938ed2c811b6a63b28e4","excluding",{"version":211,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":212,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C a21ae9f8769e5f75433bb0a85ac3868b2100ef5b","a21ae9f8769e5f75433bb0a85ac3868b2100ef5b",{"version":214,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":215,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 0f1f2f9894893dc8a28af1b9e9dbc0abf453eb52","0f1f2f9894893dc8a28af1b9e9dbc0abf453eb52",{"version":217,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":218,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 09427bcb1715fb20a80b6acd5156dbf15ab5c363","09427bcb1715fb20a80b6acd5156dbf15ab5c363",{"version":220,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":221,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 1fbac0429a42adec830491757a2b53956dd797ea","1fbac0429a42adec830491757a2b53956dd797ea",{"version":223,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":224,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 2937f17bbeefb8e7608ff1f78cffbeb3d0281e5e","2937f17bbeefb8e7608ff1f78cffbeb3d0281e5e",{"version":226,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":227,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 06f06d88c05ce176c61fff8c72c372847b0dd2b5","06f06d88c05ce176c61fff8c72c372847b0dd2b5",{"version":229,"is_range":205,"range_type":49,"version_start":206,"version_start_type":207,"version_end":230,"version_end_type":209,"fixed_in":9},">= d6112ea0cb344d6f5ed519991e24f69ba4b43d0e, \u003C 4f685dbfa87c546e51d9dc6cab379d20f275e114","4f685dbfa87c546e51d9dc6cab379d20f275e114",{"version":232,"is_range":43,"range_type":49,"version_start":232,"version_start_type":207,"version_end":232,"version_end_type":207,"fixed_in":9},"5.2",{"ecosystem":9,"name":234,"vendor":200,"product":235,"cpe_part":236,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":237},"linux kernel","linux_kernel","o",[238,242,246,250,254,256],{"version":239,"is_range":205,"range_type":240,"version_start":232,"version_start_type":207,"version_end":241,"version_end_type":209,"fixed_in":9},"gte5.2_lt6.6.136","cpe","6.6.136",{"version":243,"is_range":205,"range_type":240,"version_start":244,"version_start_type":207,"version_end":245,"version_end_type":209,"fixed_in":9},"gte6.7_lt6.12.84","6.7","6.12.84",{"version":247,"is_range":205,"range_type":240,"version_start":248,"version_start_type":207,"version_end":249,"version_end_type":209,"fixed_in":9},"gte6.13_lt6.18.25","6.13","6.18.25",{"version":251,"is_range":205,"range_type":240,"version_start":252,"version_start_type":207,"version_end":253,"version_end_type":209,"fixed_in":9},"gte6.19_lt7.0.2","6.19","7.0.2",{"version":255,"is_range":43,"range_type":240,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1:rc1",{"version":257,"is_range":43,"range_type":240,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1:rc2"]