Description
In the Linux kernel, the following vulnerability has been resolved:

s390/entry: Scrub r12 register on kernel entry

Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"),
all entry handlers loaded r12 with the current task pointer
(lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That
commit removed TIF_ISOLATE_BP, dropping both the branch prediction
macros and the r12 load, but did not add r12 to the register clearing
sequence.

Add the missing xgr %r12,%r12 to make the register scrub consistent
across all entry points.
Published: 2026-04-22
Score: 7.0 High
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Immediate Patch
AI Analysis

Impact

The Linux kernel for s390 processors fails to clear the r12 register when entering kernel mode. A prior commit removed the load of the current task pointer into r12 and the patch that should have scrubbed this value was omitted. The lingering register contents may expose a pointer to the current task, allowing a local attacker to read or infer sensitive kernel data.

Affected Systems

All Linux kernel releases for s390 hardware that do not include the commit adding the r12 register clearing. No specific kernel version numbers are listed in the advisory, so any older kernel lacking the patch is potentially affected.

Risk and Exploitability

No EPSS score and the vulnerability is not listed in CISA KEV, indicating an uncertain exploitation probability. Because the flaw involves a register only manipulated during kernel entry, the attack vector is presumably local or requires elevated privileges. The absence of a CVSS score means the exact severity cannot be quantified, but the potential for information leakage exists.

Generated by OpenCVE AI on April 22, 2026 at 18:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a Linux kernel update that includes the r12 register clearing commit
  • Restart the system to load the updated kernel
  • If an immediate kernel update is not possible, limit execution of untrusted kernel modules or use mandatory access controls as a temporary safeguard

Generated by OpenCVE AI on April 22, 2026 at 18:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 23 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-909
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Moderate

Wed, 22 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863

Wed, 22 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: s390/entry: Scrub r12 register on kernel entry Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"), all entry handlers loaded r12 with the current task pointer (lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That commit removed TIF_ISOLATE_BP, dropping both the branch prediction macros and the r12 load, but did not add r12 to the register clearing sequence. Add the missing xgr %r12,%r12 to make the register scrub consistent across all entry points.
Title s390/entry: Scrub r12 register on kernel entry
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-22T13:54:08.888Z

Reserved: 2026-03-09T15:48:24.101Z

Link: CVE-2026-31482

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-22T14:16:45.457

Modified: 2026-04-23T16:17:41.280

Link: CVE-2026-31482

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-22T00:00:00Z

Links: CVE-2026-31482 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T19:00:08Z

Weaknesses