CVE-2026-31605

MEDIUM

fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that same crash from happening in the udlfb driver as it uses pixclock directly when dividing, which will crash.

References (6)

https://git.kernel.org/stable/c/03797cdee38ef19c87785622d423aabaafb71c5f

https://git.kernel.org/stable/c/6de048d78f3029744778b7a2891745f3ca7c209a

https://git.kernel.org/stable/c/cccbf9b7fdab48ce4feb69c24f7f928aa8e4e8b8

https://git.kernel.org/stable/c/afaaaa38579f1252bb42b145f6e88a955c4f73f3

https://git.kernel.org/stable/c/a31e4518bec70333a0a98f2946a12b53b45fe5b9

https://git.kernel.org/stable/c/cce24f70090e0decb597b88bc52e8ef8efed6105

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-369

Status published

Products (19)

Linux/Linux < 2.6.34

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 03797cdee38ef19c87785622d423aabaafb71c5f

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 6de048d78f3029744778b7a2891745f3ca7c209a

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - afaaaa38579f1252bb42b145f6e88a955c4f73f3

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - cccbf9b7fdab48ce4feb69c24f7f928aa8e4e8b8

Linux/Linux 2.6.34

Linux/Linux 59277b679f8b5ce594e367759256668eba652d0d - 03797cdee38ef19c87785622d423aabaafb71c5f

Linux/Linux 59277b679f8b5ce594e367759256668eba652d0d - 6de048d78f3029744778b7a2891745f3ca7c209a

Linux/Linux 59277b679f8b5ce594e367759256668eba652d0d - a31e4518bec70333a0a98f2946a12b53b45fe5b9

Linux/Linux 59277b679f8b5ce594e367759256668eba652d0d - afaaaa38579f1252bb42b145f6e88a955c4f73f3

... and 9 more

Published Apr 24, 2026

Tracked Since Apr 24, 2026