CVE-2026-31603

EUVD-2026-25496
In the Linux kernel, the following vulnerability has been resolved:

staging: sm750fb: fix division by zero in ps_to_hz()

ps_to_hz() is called from hw_sm750_crtc_set_mode() without validating
that pixclock is non-zero. A zero pixclock passed via FBIOPUT_VSCREENINFO
causes a division by zero.

Fix by rejecting zero pixclock in lynxfb_ops_check_var(), consistent
with other framebuffer drivers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
4.1 ≤
𝑥
< 6.6.136
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.83
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.24
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.14
linuxlinux_kernel
7.0 ≤
𝑥
< 7.0.1
𝑥
= Vulnerable software versions
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.137.1-1.azl3
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/124a43550db8a74eef080cd4573a4904efe67029
https://git.kernel.org/stable/c/1412ba36597a82e928f20047f41d6c6582dafe8a
https://git.kernel.org/stable/c/2f640c6043aeab31a2f607d7605271860c3b11df
https://git.kernel.org/stable/c/3300b049693138852a4c6738b5f1194a1ee91ddd
https://git.kernel.org/stable/c/6144895a4335a2491c282931f1f2fa610b86339f
https://git.kernel.org/stable/c/75a1621e4f91310673c9acbcbb25c2a7ff821cd3
https://git.kernel.org/stable/c/779412e0e391fd4a0d12e1d1adaa7bf043de62d7
https://git.kernel.org/stable/c/b285a8f3bbb821a93eb37c2740a68ca1d7112a59
https://git.kernel.org/stable/c/daf6733bd7c4c5015b431739ac29b0e29021096b