SB2026032587 - Security restrictions bypass in Linux privcmd driver in Xen




Published: March 25, 2026

Security Bulletin ID: SB2026032587
Severity: Low
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low: 100%

Description

This security bulletin contains information about 1 security vulnerability.


1) Improper Privilege Management (CVE-ID: CVE-2026-31788)

The vulnerability allows a local user to escalate privileges and modify kernel memory contents, breaking secure boot protections.

The vulnerability exists due to improper access control in the Xen privcmd driver when handling hypercalls from user space processes in an unprivileged domU running with secure boot enabled. A local user can exploit this by issuing arbitrary hypercalls to escalate privileges and modify kernel memory, compromising the integrity of the secure boot environment.

Exploitation requires the user to have root privileges within the unprivileged domU guest. The impact is particularly severe when secure boot is enabled, as it allows bypassing memory integrity protections.
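
The following triage script is an added example, not part of the original bulletin or of any vendor tooling: it classifies a Linux guest against the configuration described above (unprivileged Xen domU, privcmd interface exposed to user space, integrity protections enforced). Assumptions: kernel lockdown state is used as the indicator that secure boot protections are active, the verdict strings are hypothetical labels, and the script cannot tell whether the vendor update is already installed.

```shell
#!/bin/sh
# Added example: classify a guest against the configuration named in the bulletin.
# Takes an optional filesystem root so it can be run against a constructed tree.

privcmd_exposure() {
    root="${1%/}"          # "" for the live system, or a test tree prefix

    # 1. Is this a Xen guest at all?
    hv=$(cat "$root/sys/hypervisor/type" 2>/dev/null || true)
    if [ "$hv" != "xen" ]; then
        echo "not-xen"; return 0
    fi

    # 2. dom0 advertises "control_d" in /proc/xen/capabilities; the bulletin
    #    concerns unprivileged domU guests only.
    if grep -q control_d "$root/proc/xen/capabilities" 2>/dev/null; then
        echo "dom0"; return 0
    fi

    # 3. Is the privcmd interface exposed to user space?
    if [ ! -e "$root/dev/xen/privcmd" ] && [ ! -e "$root/proc/xen/privcmd" ]; then
        echo "domU-no-privcmd"; return 0
    fi

    # 4. Kernel lockdown state; the active mode is the one in [brackets].
    #    Assumption: lockdown is treated as the sign that secure boot
    #    integrity protections are being enforced on this guest.
    mode=$(sed -n 's/.*\[\(.*\)\].*/\1/p' \
        "$root/sys/kernel/security/lockdown" 2>/dev/null || true)
    case "$mode" in
        integrity|confidentiality) echo "domU-privcmd-lockdown" ;;
        *)                         echo "domU-privcmd-no-lockdown" ;;
    esac
}

# Live system by default; pass a directory to inspect a mounted guest image.
privcmd_exposure "${1:-}"
```

A `domU-privcmd-lockdown` verdict marks a guest in the configuration the bulletin describes, so it should be prioritised for the vendor update.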


Remediation

Install the update from the vendor's website.