{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31482", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.101Z", "datePublished": "2026-04-22T13:54:08.888Z", "dateUpdated": "2026-04-22T13:54:08.888Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-22T13:54:08.888Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/entry: Scrub r12 register on kernel entry\n\nBefore commit f33f2d4c7c80 (\"s390/bp: remove TIF_ISOLATE_BP\"),\nall entry handlers loaded r12 with the current task pointer\n(lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That\ncommit removed TIF_ISOLATE_BP, dropping both the branch prediction\nmacros and the r12 load, but did not add r12 to the register clearing\nsequence.\n\nAdd the missing xgr %r12,%r12 to make the register scrub consistent\nacross all entry points."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/kernel/entry.S"], "versions": [{"version": "f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780", "lessThan": "a58d298a83a3a9b7ca99ded9d60a1e77231159ef", "status": "affected", "versionType": "git"}, {"version": "f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780", "lessThan": "95c899cd791803a5bf7b73e5994fbbe1cc1a9c36", "status": "affected", "versionType": "git"}, {"version": "f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780", "lessThan": "7f4e3233faa8470dd0627bc49b2809f2bfebd909", "status": "affected", "versionType": "git"}, {"version": "f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780", "lessThan": "99a8b420f3f0e162eb9c9c9253929d4d23f9bd30", "status": "affected", "versionType": "git"}, {"version": "f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780", "lessThan": "0738d395aab8fae3b5a3ad3fc640630c91693c27", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/kernel/entry.S"], "versions": [{"version": "6.4", "status": "affected"}, {"version": "0", "lessThan": "6.4", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.131", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.80", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.21", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.11", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.6.131"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.12.80"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.18.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.19.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a58d298a83a3a9b7ca99ded9d60a1e77231159ef"}, {"url": "https://git.kernel.org/stable/c/95c899cd791803a5bf7b73e5994fbbe1cc1a9c36"}, {"url": "https://git.kernel.org/stable/c/7f4e3233faa8470dd0627bc49b2809f2bfebd909"}, {"url": "https://git.kernel.org/stable/c/99a8b420f3f0e162eb9c9c9253929d4d23f9bd30"}, {"url": "https://git.kernel.org/stable/c/0738d395aab8fae3b5a3ad3fc640630c91693c27"}], "title": "s390/entry: Scrub r12 register on kernel entry", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/entry: Scrub r12 register on kernel entry\n\nBefore commit f33f2d4c7c80 (\"s390/bp: remove TIF_ISOLATE_BP\"),\nall entry handlers loaded r12 with the current task pointer\n(lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That\ncommit removed TIF_ISOLATE_BP, dropping both the branch prediction\nmacros and the r12 load, but did not add r12 to the register clearing\nsequence.\n\nAdd the missing xgr %r12,%r12 to make the register scrub consistent\nacross all entry points."}], "id": "CVE-2026-31482", "lastModified": "2026-04-22T14:16:45.457", "metrics": {}, "published": "2026-04-22T14:16:45.457", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0738d395aab8fae3b5a3ad3fc640630c91693c27"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7f4e3233faa8470dd0627bc49b2809f2bfebd909"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/95c899cd791803a5bf7b73e5994fbbe1cc1a9c36"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/99a8b420f3f0e162eb9c9c9253929d4d23f9bd30"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a58d298a83a3a9b7ca99ded9d60a1e77231159ef"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780,a58d298a83a3a9b7ca99ded9d60a1e77231159ef)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780,95c899cd791803a5bf7b73e5994fbbe1cc1a9c36)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780,7f4e3233faa8470dd0627bc49b2809f2bfebd909)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780,99a8b420f3f0e162eb9c9c9253929d4d23f9bd30)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780,0738d395aab8fae3b5a3ad3fc640630c91693c27)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.4)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.131,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.80,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.21,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.11,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-22T18:52:56.508504+00:00", "value": {"mitigation_remediation": ["Apply a Linux kernel update that includes the r12 register clearing commit", "Restart the system to load the updated kernel", "If an immediate kernel update is not possible, limit execution of untrusted kernel modules or use mandatory access controls as a temporary safeguard"], "summary": {"action": "Immediate Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "All Linux kernel releases for s390 hardware that do not include the commit adding the r12 register clearing. No specific kernel version numbers are listed in the advisory, so any older kernel lacking the patch is potentially affected.", "description_and_impact": "The Linux kernel for s390 processors fails to clear the r12 register when entering kernel mode. A prior commit removed the load of the current task pointer into r12 and the patch that should have scrubbed this value was omitted. The lingering register contents may expose a pointer to the current task, allowing a local attacker to read or infer sensitive kernel data.", "risk_and_exploitability": "No EPSS score and the vulnerability is not listed in CISA KEV, indicating an uncertain exploitation probability. Because the flaw involves a register only manipulated during kernel entry, the attack vector is presumably local or requires elevated privileges. The absence of a CVSS score means the exact severity cannot be quantified, but the potential for information leakage exists."}}}}, "created": "2026-04-22T17:45:22.661122+00:00", "updated": "2026-04-22T19:00:08.093690+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-863"]}