CVE-2026-31605
Published: May 3, 2026Last modified: June 2, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that same crash from happening in the udlfb driver as it uses pixclock directly when dividing, which will crash.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.175-r0) |
| 25 LTS | linux-lts | Fixed (6.12.85-r0) | |
| Stream | linux-lts | Fixed (6.12.85-r0) |
References
- https://git.kernel.org/stable/c/03797cdee38ef19c87785622d423aabaafb71c5f
- https://git.kernel.org/stable/c/6de048d78f3029744778b7a2891745f3ca7c209a
- https://git.kernel.org/stable/c/828ce54b27de93bd9c67991bca5a2c76c76742de
- https://git.kernel.org/stable/c/9981de9fb5ae0d3d6bc5ff5ca63350c2a3cdc564
- https://git.kernel.org/stable/c/a31e4518bec70333a0a98f2946a12b53b45fe5b9
- https://git.kernel.org/stable/c/afaaaa38579f1252bb42b145f6e88a955c4f73f3
- https://git.kernel.org/stable/c/cccbf9b7fdab48ce4feb69c24f7f928aa8e4e8b8
- https://git.kernel.org/stable/c/cce24f70090e0decb597b88bc52e8ef8efed6105
- https://git.kernel.org/stable/c/fd50ab7dd4ee5bbb4aebffa76ae18484b03a8ea5