CVE-2026-31423

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. m1=4000000000), the result can reach 2^32. rtsc_min() stores the difference of two such u64 values in a u32 variable `dsm` and uses it as a divisor. When the difference is exactly 2^32 the truncation yields zero, causing a divide-by-zero oops in the concave-curve intersection path: Oops: divide error: 0000 RIP: 0010:rtsc_min (net/sched/sch_hfsc.c:601) Call Trace: init_ed (net/sched/sch_hfsc.c:629) hfsc_enqueue (net/sched/sch_hfsc.c:1569) [...] Widen `dsm` to u64 and replace do_div() with div64_u64() so the full difference is preserved.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/17c1b9807b8a67d676b6dcf749ee932ebaa7f568	Patch
https://git.kernel.org/stable/c/25b6821884713a31e2b49fb67b0ebd765b33e0a9	Patch
https://git.kernel.org/stable/c/4576100b8cd03118267513cafacde164b498b322	Patch
https://git.kernel.org/stable/c/ab1ff5890c7354afc7be56502fcfbd61f3b7ae4f	Patch
https://git.kernel.org/stable/c/ad8e8fec40290a8c8cf145c0deaadf76f80c5163	Patch
https://git.kernel.org/stable/c/b9e6431cbea8bb1fae8069ed099b4ee100499835	Patch
https://git.kernel.org/stable/c/c56f78614e7781aaceca9bd3cb2128bf7d45c3bd	Patch
https://git.kernel.org/stable/c/d0aefec1b1a1ba2c1d251028dc2c4e5b4ce1fea5	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:-::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc2::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc3::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc4::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc5::::::
	cpe:2.3:o:linux:linux_kernel:7.0:rc6::::::

History

20 May 2026, 18:06

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc4:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:-:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:7.0:rc2:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc6:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc5:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:7.0:rc1::::::
References	~~() https://git.kernel.org/stable/c/17c1b9807b8a67d676b6dcf749ee932ebaa7f568 -~~	() https://git.kernel.org/stable/c/17c1b9807b8a67d676b6dcf749ee932ebaa7f568 - Patch
References	~~() https://git.kernel.org/stable/c/25b6821884713a31e2b49fb67b0ebd765b33e0a9 -~~	() https://git.kernel.org/stable/c/25b6821884713a31e2b49fb67b0ebd765b33e0a9 - Patch
References	~~() https://git.kernel.org/stable/c/4576100b8cd03118267513cafacde164b498b322 -~~	() https://git.kernel.org/stable/c/4576100b8cd03118267513cafacde164b498b322 - Patch
References	~~() https://git.kernel.org/stable/c/ab1ff5890c7354afc7be56502fcfbd61f3b7ae4f -~~	() https://git.kernel.org/stable/c/ab1ff5890c7354afc7be56502fcfbd61f3b7ae4f - Patch
References	~~() https://git.kernel.org/stable/c/ad8e8fec40290a8c8cf145c0deaadf76f80c5163 -~~	() https://git.kernel.org/stable/c/ad8e8fec40290a8c8cf145c0deaadf76f80c5163 - Patch
References	~~() https://git.kernel.org/stable/c/b9e6431cbea8bb1fae8069ed099b4ee100499835 -~~	() https://git.kernel.org/stable/c/b9e6431cbea8bb1fae8069ed099b4ee100499835 - Patch
References	~~() https://git.kernel.org/stable/c/c56f78614e7781aaceca9bd3cb2128bf7d45c3bd -~~	() https://git.kernel.org/stable/c/c56f78614e7781aaceca9bd3cb2128bf7d45c3bd - Patch
References	~~() https://git.kernel.org/stable/c/d0aefec1b1a1ba2c1d251028dc2c4e5b4ce1fea5 -~~	() https://git.kernel.org/stable/c/d0aefec1b1a1ba2c1d251028dc2c4e5b4ce1fea5 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux linux Kernel Linux
CWE		CWE-369

18 Apr 2026, 09:16

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/ab1ff5890c7354afc7be56502fcfbd61f3b7ae4f - () https://git.kernel.org/stable/c/ad8e8fec40290a8c8cf145c0deaadf76f80c5163 -

13 Apr 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-04-13 14:16

Updated : 2026-05-20 18:06

NVD link : CVE-2026-31423

Mitre link : CVE-2026-31423

CVE.ORG link : CVE-2026-31423

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-369

Divide By Zero

5.5 /10