On Tue, Mar 24, 2026 at 12:05:44PM +0000, Xen.org security team wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Xen Security Advisory XSA-482 > version 2 > > Linux privcmd driver can circumvent kernel lockdown > > UPDATES IN VERSION 2 > ==================== > > Public release. > > ISSUE DESCRIPTION > ================= > > The Linux kernel's privcmd driver can be abused to circumvent kernel > lockdown (secure boot), e.g. by modifying page tables to enable user > mode to modify kernel memory. > > The CNA covering Linux has refused to assign a CVE at this juncture.
This is now assigned to CVE-2026-31788 thanks, greg k-h
