CVE-2026-31480

Source
https://cve.org/CVERecord?id=CVE-2026-31480
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31480.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31480
Downstream
Related
Published
2026-04-22T13:54:07.566Z
Modified
2026-07-09T18:30:47.174848856Z
Summary
tracing: Fix potential deadlock in cpu hotplug with osnoise
Details

In the Linux kernel, the following vulnerability has been resolved:

tracing: Fix potential deadlock in cpu hotplug with osnoise

The following sequence may leads deadlock in cpu hotplug:

task1        task2        task3
-----        -----        -----

mutexlock(&interfacelock)

        [CPU GOING OFFLINE]

        cpus_write_lock();
        osnoise_cpu_die();
          kthread_stop(task3);
            wait_for_completion();

                  osnoise_sleep();
                    mutex_lock(&interface_lock);

cpusreadlock();

[DEAD LOCK]

Fix by swap the order of cpusreadlock() and mutexlock(&interfacelock).

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31480.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bce29ac9ce0bb0b0b146b687ab978378c21e9078
Fixed
cf929c21eeed5bd39873fb14bfdfff963fa6f1da
Fixed
7aa095ce7d224308cb6979956f0de8607df93d4f
Fixed
ef41a85a55022e27cdaebf22a6676910b66f65aa
Fixed
03474a01c199de17a8e2d39b51df6beb9c76e831
Fixed
f278b8ebf7eba2a1699cfc7bf30dd3ef898d60d7
Fixed
7a41d4633cd2c15eb5ed31e8f3b16910e50a8c9f
Fixed
1f9885732248d22f788e4992c739a98c88ab8a55

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31480.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.14.0
Fixed
5.15.203
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.168
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.131
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.80
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.21
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.11

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31480.json"