Divide-by-Zero Vulnerability in Linux Kernel Networking Scheduler
CVE-2026-31423

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 13 April 2026

What is CVE-2026-31423?

A divide-by-zero vulnerability exists in the Linux kernel's networking scheduler module, specifically in sch_hfsc, caused by improper handling of a scaled value derived from user inputs. When large values are processed, the calculation may lead to a situation where a division operation attempts to use zero as a divisor. This can result in system crashes, as evidenced by the runtime error messages produced. The fix involves extending variable types to ensure that critical calculations preserve value integrity, thus preventing potential system disruptions.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 25b6821884713a31e2b49fb67b0ebd765b33e0a9

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/25b6821884713a31e2b49fb67...

https://git.kernel.org/stable/c/c56f78614e7781aaceca9bd3c...

https://git.kernel.org/stable/c/b9e6431cbea8bb1fae8069ed0...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31423 Data

JSON