← Back ⬡ Vulnerabilities & CVEs Apr 24, 2026

CVE-2026-31605 | Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 Udlfb Driver divide by zero

VulDB Archived Apr 24, 2026 ✓ Full text saved

A vulnerability has been found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 and classified as critical . Impacted is an unknown function of the component Udlfb Driver . Performing a manipulation results in divide by zero. This vulnerability is reported as CVE-2026-31605 . The attacker must have access to the local network to execute the attack. No exploit exists. The affected component should be upgraded.

Full text archived locally

✦ AI Summary · Claude Sonnet

VDB-359398 · CVE-2026-31605 · GCVE-0-2026-31605 LINUX KERNEL UP TO 6.12.82/6.18.23/6.19.13/7.0.0 UDLFB DRIVER DIVIDE BY ZERO HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 5.5 $0-$5k 1.15+ Summaryinfo A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 and classified as critical. The affected element is an unknown function of the component Udlfb Driver. Executing a manipulation can lead to divide by zero. This vulnerability appears as CVE-2026-31605. There is no available exploit. It is suggested to upgrade the affected component. Detailsinfo A vulnerability classified as critical was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. This vulnerability affects an unknown code of the component Udlfb Driver. The manipulation with an unknown input leads to a divide by zero vulnerability. The CWE definition for the vulnerability is CWE-369. The product divides a value by zero. As an impact it is known to affect availability. CVE summarizes: In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that same crash from happening in the udlfb driver as it uses pixclock directly when dividing, which will crash. The advisory is available at git.kernel.org. This vulnerability was named CVE-2026-31605 since 03/09/2026. The technical details are unknown and an exploit is not available. Upgrading to version 6.12.83, 6.18.24, 6.19.14 or 7.0.1 eliminates this vulnerability. Applying the patch 03797cdee38ef19c87785622d423aabaafb71c5f/6de048d78f3029744778b7a2891745f3ca7c209a/cccbf9b7fdab48ce4feb69c24f7f928aa8e4e8b8/afaaaa38579f1252bb42b145f6e88a955c4f73f3 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. Productinfo Type Operating System Vendor Linux Name Kernel Version 6.12.0 6.12.1 6.12.2 6.12.3 6.12.4 6.12.5 6.12.6 6.12.7 6.12.8 6.12.9 6.12.10 6.12.11 6.12.12 6.12.13 6.12.14 6.12.15 6.12.16 6.12.17 6.12.18 6.12.19 6.12.20 6.12.21 6.12.22 6.12.23 6.12.24 6.12.25 6.12.26 6.12.27 6.12.28 6.12.29 6.12.30 6.12.31 6.12.32 6.12.33 6.12.34 6.12.35 6.12.36 6.12.37 6.12.38 6.12.39 6.12.40 6.12.41 6.12.42 6.12.43 6.12.44 6.12.45 6.12.46 6.12.47 6.12.48 6.12.49 6.12.50 6.12.51 6.12.52 6.12.53 6.12.54 6.12.55 6.12.56 6.12.57 6.12.58 6.12.59 6.12.60 6.12.61 6.12.62 6.12.63 6.12.64 6.12.65 6.12.66 6.12.67 6.12.68 6.12.69 6.12.70 6.12.71 6.12.72 6.12.73 6.12.74 6.12.75 6.12.76 6.12.77 6.12.78 6.12.79 6.12.80 6.12.81 6.12.82 6.18.0 6.18.1 6.18.2 6.18.3 6.18.4 6.18.5 6.18.6 6.18.7 6.18.8 6.18.9 6.18.10 6.18.11 6.18.12 6.18.13 6.18.14 6.18.15 6.18.16 6.18.17 6.18.18 6.18.19 6.18.20 6.18.21 6.18.22 6.18.23 6.19.0 6.19.1 6.19.2 6.19.3 6.19.4 6.19.5 6.19.6 6.19.7 6.19.8 6.19.9 6.19.10 6.19.11 6.19.12 6.19.13 7.0 License open-source Website Vendor: https://www.kernel.org/ CPE 2.3info 🔒 🔒 🔒 CPE 2.2info 🔒 🔒 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv3info VulDB Meta Base Score: 5.7 VulDB Meta Temp Score: 5.5 VulDB Base Score: 5.7 VulDB Temp Score: 5.5 VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Divide by zero CWE: CWE-369 / CWE-404 CAPEC: 🔒 ATT&CK: 🔒 Physical: No Local: No Remote: Partially Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Upgrade Status: 🔍 0-Day Time: 🔒 Upgrade: Kernel 6.12.83/6.18.24/6.19.14/7.0.1 Patch: 03797cdee38ef19c87785622d423aabaafb71c5f/6de048d78f3029744778b7a2891745f3ca7c209a/cccbf9b7fdab48ce4feb69c24f7f928aa8e4e8b8/afaaaa38579f1252bb42b145f6e88a955c4f73f3 Timelineinfo 03/09/2026 CVE reserved 04/24/2026 +45 days Advisory disclosed 04/24/2026 +0 days VulDB entry created 04/24/2026 +0 days VulDB entry last update Sourcesinfo Vendor: kernel.org Advisory: git.kernel.org Status: Confirmed CVE: CVE-2026-31605 (🔒) GCVE (CVE): GCVE-0-2026-31605 GCVE (VulDB): GCVE-100-359398 Entryinfo Created: 04/24/2026 17:53 Changes: 04/24/2026 17:53 (58) Complete: 🔍 Cache ID: 99:C1F:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸

💬 Team Notes