{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31542", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.114Z", "datePublished": "2026-04-24T14:33:11.205Z", "dateUpdated": "2026-05-11T22:10:47.496Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:10:47.496Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/platform/uv: Handle deconfigured sockets\n\nWhen a socket is deconfigured, it's mapped to SOCK_EMPTY (0xffff). This causes\na panic while allocating UV hub info structures.\n\nFix this by using NUMA_NO_NODE, allowing UV hub info structures to be\nallocated on valid nodes."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/kernel/apic/x2apic_uv_x.c"], "versions": [{"version": "8a50c58519271dd24ba760bb282875f6ad66ee71", "lessThan": "c51957601d32c0d195bce0b9345dfe93ef5728cc", "status": "affected", "versionType": "git"}, {"version": "8a50c58519271dd24ba760bb282875f6ad66ee71", "lessThan": "9956d4892e78812246336c7ea51f5aa62018049e", "status": "affected", "versionType": "git"}, {"version": "8a50c58519271dd24ba760bb282875f6ad66ee71", "lessThan": "79f0faf81d3bbbe5f07bf6892450d3740a1b290d", "status": "affected", "versionType": "git"}, {"version": "8a50c58519271dd24ba760bb282875f6ad66ee71", "lessThan": "c1cf2218d2fa40a49921a7460981e5faab26f04e", "status": "affected", "versionType": "git"}, {"version": "8a50c58519271dd24ba760bb282875f6ad66ee71", "lessThan": "1f6aa5bbf1d0f81a8a2aafc16136e7dd9a609ff3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/kernel/apic/x2apic_uv_x.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.78", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.20", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.10", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.12.78"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.18.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.19.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c51957601d32c0d195bce0b9345dfe93ef5728cc"}, {"url": "https://git.kernel.org/stable/c/9956d4892e78812246336c7ea51f5aa62018049e"}, {"url": "https://git.kernel.org/stable/c/79f0faf81d3bbbe5f07bf6892450d3740a1b290d"}, {"url": "https://git.kernel.org/stable/c/c1cf2218d2fa40a49921a7460981e5faab26f04e"}, {"url": "https://git.kernel.org/stable/c/1f6aa5bbf1d0f81a8a2aafc16136e7dd9a609ff3"}], "title": "x86/platform/uv: Handle deconfigured sockets", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "424B60E1-5C36-40FF-9029-5E50093BEDA5", "versionEndExcluding": "6.6.130", "versionStartIncluding": "6.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "28D591F5-B196-4CC9-905C-DC80F116E7A8", "versionEndExcluding": "6.12.78", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5571059-6552-48E7-9BEF-3E358C387171", "versionEndExcluding": "6.18.20", "versionStartIncluding": "6.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "96D34333-38BE-4414-9E79-6EB764329581", "versionEndExcluding": "6.19.10", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/platform/uv: Handle deconfigured sockets\n\nWhen a socket is deconfigured, it's mapped to SOCK_EMPTY (0xffff). This causes\na panic while allocating UV hub info structures.\n\nFix this by using NUMA_NO_NODE, allowing UV hub info structures to be\nallocated on valid nodes."}], "id": "CVE-2026-31542", "lastModified": "2026-04-28T18:48:31.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-24T15:16:28.237", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1f6aa5bbf1d0f81a8a2aafc16136e7dd9a609ff3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/79f0faf81d3bbbe5f07bf6892450d3740a1b290d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9956d4892e78812246336c7ea51f5aa62018049e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c1cf2218d2fa40a49921a7460981e5faab26f04e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c51957601d32c0d195bce0b9345dfe93ef5728cc"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: x86/platform/uv: Handle deconfigured sockets", "id": "2461559", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461559"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-386", "details": ["A flaw was found in the Linux kernel's x86/platform/uv component. When a socket is deconfigured, it is incorrectly mapped to SOCK_EMPTY instead of NUMA_NO_NODE. This improper handling can lead to a system panic during the allocation of UV hub information structures, resulting in a Denial of Service (DoS) for the affected system."], "name": "CVE-2026-31542", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31542\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31542\nhttps://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31542-ba9f@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[8a50c58519271dd24ba760bb282875f6ad66ee71,c51957601d32c0d195bce0b9345dfe93ef5728cc)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[8a50c58519271dd24ba760bb282875f6ad66ee71,9956d4892e78812246336c7ea51f5aa62018049e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[8a50c58519271dd24ba760bb282875f6ad66ee71,79f0faf81d3bbbe5f07bf6892450d3740a1b290d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[8a50c58519271dd24ba760bb282875f6ad66ee71,c1cf2218d2fa40a49921a7460981e5faab26f04e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[8a50c58519271dd24ba760bb282875f6ad66ee71,1f6aa5bbf1d0f81a8a2aafc16136e7dd9a609ff3)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.5"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.5)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.130,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.78,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.20,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.10,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-28T23:46:01.315598+00:00", "value": {"mitigation_remediation": ["Update the system to a Linux kernel version that incorporates the fix for the UV socket deconfiguration bug.", "If a packaged kernel update is not yet available from your distribution, extract and apply the backported patch from the kernel repository to your build.", "While awaiting an official update, monitor for kernel panic logs related to UV sockets and consider disabling or limiting the use of UV sockets until the patch is applied."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Hardware sockets running the Linux kernel that include the x86/UV platform are affected. No specific kernel release numbers are listed; any kernel build that implements the vulnerable UV driver before the fix is potentially impacted. Operators should verify whether their current kernel version contains the fix from the listed kernel commit references.", "description_and_impact": "A flaw in the Linux kernel\u2019s x86 platform UV driver causes a panic when a socket is deconfigured, because the socket is mapped to the special value SOCK_EMPTY (0xffff). During allocation of UV hub information structures this mapping leads to an invalid reference, triggering a kernel crash. The result is a system\u2011wide denial of service, as the kernel stops responding after the panic. The weakness matches CWE\u2011386, typically indicating an issue with incorrect handling of values leading to errors such as panics.", "risk_and_exploitability": "With a CVSS score of 5.5 the vulnerability presents a moderate risk. The EPSS score is below 1\u202f% and the issue is not listed in CISA\u2019s KEV catalog, so the likelihood of exploitation is low. Likely attack vectors would require local access or the ability to force a deconfiguration of a UV socket, though the exact method is not detailed in the advisory. The impact remains availability\u2011only, causing a crash rather than data compromise."}}}}, "created": "2026-04-27T19:15:11.626031+00:00", "updated": "2026-04-29T00:00:13.788240+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}