CVE-2026-31482

Source
https://cve.org/CVERecord?id=CVE-2026-31482
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31482.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-31482
Downstream
Published
2026-04-22T13:54:08.888Z
Modified
2026-06-18T03:56:22.444567918Z
Summary
s390/entry: Scrub r12 register on kernel entry
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/entry: Scrub r12 register on kernel entry

Before commit f33f2d4c7c80 ("s390/bp: remove TIFISOLATEBP"), all entry handlers loaded r12 with the current task pointer (lg %r12,_LCCURRENT) for use by the BPENTER/BPEXIT macros. That commit removed TIFISOLATEBP, dropping both the branch prediction macros and the r12 load, but did not add r12 to the register clearing sequence.

Add the missing xgr %r12,%r12 to make the register scrub consistent across all entry points.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31482.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f33f2d4c7c80c641f6ca3dfe5e7dfe1f91543780
Fixed
a58d298a83a3a9b7ca99ded9d60a1e77231159ef
Fixed
95c899cd791803a5bf7b73e5994fbbe1cc1a9c36
Fixed
7f4e3233faa8470dd0627bc49b2809f2bfebd909
Fixed
99a8b420f3f0e162eb9c9c9253929d4d23f9bd30
Fixed
0738d395aab8fae3b5a3ad3fc640630c91693c27

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31482.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.6.131
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.80
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.21
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.11

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31482.json"