CVE-2026-31542
Description
In the Linux kernel, the following vulnerability has been resolved:
x86/platform/uv: Handle deconfigured sockets
When a socket is deconfigured, it's mapped to SOCK_EMPTY (0xffff). This causes a panic while allocating UV hub info structures.
Fix this by using NUMA_NO_NODE, allowing UV hub info structures to be allocated on valid nodes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Linux kernel panic on x86 UV systems when a socket is deconfigured due to SOCK_EMPTY mapping; fixed by using NUMA_NO_NODE.
The vulnerability resides in the x86 platform UV subsystem of the Linux kernel. When a processor socket is deconfigured, the kernel incorrectly maps it to SOCK_EMPTY (0xffff). This value is then used when allocating UV hub info structures, leading to a kernel panic because the allocation targets an invalid node.
The panic can be triggered during system initialization or runtime reconfiguration on multi-socket UV platforms with deconfigured sockets. No authentication or special privileges are required, as the condition occurs during normal kernel operations when the system topology changes or boots with deconfigured hardware.
Successful exploitation results in a denial of service (system crash). The fix replaces SOCK_EMPTY with NUMA_NO_NODE, ensuring that hub info structures are allocated on valid memory nodes. Patches have been applied to the stable kernel tree as commits [1][2][3][4].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
5cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.5,<6.6.130
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- git.kernel.org/stable/c/1f6aa5bbf1d0f81a8a2aafc16136e7dd9a609ff3nvdPatch
- git.kernel.org/stable/c/79f0faf81d3bbbe5f07bf6892450d3740a1b290dnvdPatch
- git.kernel.org/stable/c/9956d4892e78812246336c7ea51f5aa62018049envdPatch
- git.kernel.org/stable/c/c1cf2218d2fa40a49921a7460981e5faab26f04envdPatch
- git.kernel.org/stable/c/c51957601d32c0d195bce0b9345dfe93ef5728ccnvdPatch
News mentions
0No linked articles in our index yet.