Global Register Variable Vulnerability in Linux Kernel Affects MIPS Architecture
CVE-2026-46250

7.3HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 June 2026

What is CVE-2026-46250?

A vulnerability has been identified in the Linux kernel regarding the handling of the $gp register as a global variable on MIPS architecture. This issue arises when using LLVM, which incorrectly restores $gp if it detects any clobbering, conflicting with the expected behavior as per GCC's documentation. This results in potential crashes during kernel initialization due to an early crash in init_idle when the address of $gp points to the unrelocated kernel. Workarounds, including the use of inline assembly, have been proposed to mitigate the impact of this bug until a permanent fix is implemented.

Affected Version(s)

Linux 279b991b24d2439fbe9d2f093988b9c8aed2603d < 05bff9b0ae095b2420cfebb4a96759a09334bec6

Linux 279b991b24d2439fbe9d2f093988b9c8aed2603d < 1fe3b402b1e97a1718df3be0a1d3eee20133e735

Linux 279b991b24d2439fbe9d2f093988b9c8aed2603d < 4dc65b40fb80c2020efbf139b9a38d30f9a37b92

References

https://git.kernel.org/stable/c/05bff9b0ae095b2420cfebb4a...

https://git.kernel.org/stable/c/1fe3b402b1e97a1718df3be0a...

https://git.kernel.org/stable/c/4dc65b40fb80c2020efbf139b...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46250 Data

JSON