CVE-2026-31574

EUVD-2026-25467
In the Linux kernel, the following vulnerability has been resolved:

clockevents: Add missing resets of the next_event_forced flag

The prevention mechanism against timer interrupt starvation missed to reset
the next_event_forced flag in a couple of places:

    - When the clock event state changes. That can cause the flag to be
      stale over a shutdown/startup sequence

    - When a non-forced event is armed, which then prevents rearming before
      that event. If that event is far out in the future this will cause
      missed timer interrupts.

    - In the suspend wakeup handler.

That led to stalls which have been reported by several people.

Add the missing resets, which fixes the problems for the reporters.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
7.0
𝑥
= Vulnerable software versions
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.139.1-1.azl3
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/4096fd0e8eaea13ebe5206700b33f49635ae18e5
https://git.kernel.org/stable/c/9401b593fa48218d2667df1610b0ebc518554880