CVE-2026-31618

MEDIUM

fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that same crash from happening in the udlfb driver as it uses pixclock directly when dividing, which will crash.

References (6)

https://git.kernel.org/stable/c/53cb4e79a07124d2ebe502983c29800104080b47

https://git.kernel.org/stable/c/fc386daa6846551a88d338ba9864fc2812cd9030

https://git.kernel.org/stable/c/6567d3e1aaadfebf44ce7dc9ea2630323cd4c736

https://git.kernel.org/stable/c/63dfb0b4741f46d65b667c4275132b3d1966acc8

https://git.kernel.org/stable/c/8f98b81fe011e1879e6a7b1247e69e06a5e17af2

https://git.kernel.org/stable/c/859a239d58a812b61267d9944b701affe6a6244e

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-369

Status published

Products (16)

Linux/Linux < 2.6.12

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 53cb4e79a07124d2ebe502983c29800104080b47

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 63dfb0b4741f46d65b667c4275132b3d1966acc8

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 6567d3e1aaadfebf44ce7dc9ea2630323cd4c736

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 859a239d58a812b61267d9944b701affe6a6244e

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 8f98b81fe011e1879e6a7b1247e69e06a5e17af2

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - fc386daa6846551a88d338ba9864fc2812cd9030

Linux/Linux 2.6.12

Linux/Linux 6.12.83 - 6.12.*

Linux/Linux 6.18.24 - 6.18.*

... and 6 more

Published Apr 24, 2026

Tracked Since Apr 24, 2026