Signed Integer Vulnerability in Linux Kernel Affecting Division and Modulo Operations
CVE-2026-31525

7.8 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 22 April 2026

Badges

👾 Exploit Exists
🟡 Public PoC

What is CVE-2026-31525?

In the Linux kernel, a flaw in the BPF interpreter's handling of signed 32-bit division and modulo operations can lead to undefined behavior. Specifically, the kernel's abs() macro fails when applied to the minimum value of a signed 32-bit integer, resulting in incorrect calculations and potential out-of-bounds access. The vulnerability arises from a mismatch between the verifier's calculation and the interpreter's handling of certain integer operations. A patch has been introduced to handle these operations correctly and prevent exploitation.
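
The arithmetic hazard described above, as an added example that is not the kernel's code or its patch: it shows why the minimum signed 32-bit value has no signed absolute value, and one way to do signed division and modulo on unsigned magnitudes so that this input is well defined. All function names are hypothetical, and the zero-divisor results are this example's choice, modelled on BPF's convention.

```c
#include <stdint.h>
#include <stdio.h>

/* Negating INT32_MIN in two's complement wraps back to INT32_MIN, so a
 * signed 32-bit "absolute value" of it cannot exist. Done via unsigned
 * arithmetic here because signed negation of INT32_MIN is undefined. */
static int32_t wrapped_neg_s32(int32_t x)
{
    return (int32_t)(0u - (uint32_t)x);
}

/* Hypothetical helper: magnitude as uint32_t, defined for every input. */
static uint32_t abs_s32_safe(int32_t x)
{
    return x < 0 ? 0u - (uint32_t)x : (uint32_t)x;
}

/* Truncating signed division on unsigned magnitudes. Returning 0 for a
 * zero divisor is this example's choice, modelled on BPF's convention. */
static int32_t sdiv32_safe(int32_t dst, int32_t src)
{
    uint32_t q;

    if (src == 0)
        return 0;
    q = abs_s32_safe(dst) / abs_s32_safe(src);
    return (int32_t)(((dst < 0) != (src < 0)) ? 0u - q : q);
}

/* Remainder takes the sign of the dividend; zero divisor leaves dst. */
static int32_t smod32_safe(int32_t dst, int32_t src)
{
    uint32_t r;

    if (src == 0)
        return dst;
    r = abs_s32_safe(dst) % abs_s32_safe(src);
    return (int32_t)(dst < 0 ? 0u - r : r);
}

int main(void)
{
    printf("|INT32_MIN| = %u\n", (unsigned)abs_s32_safe(INT32_MIN));
    printf("INT32_MIN / 2 = %d\n", (int)sdiv32_safe(INT32_MIN, 2));
    printf("INT32_MIN %% 3 = %d\n", (int)smod32_safe(INT32_MIN, 3));
    return 0;
}
```

The key point is that the magnitude 2147483648 only fits in an unsigned 32-bit type, so any code path that keeps it in a signed 32-bit variable carries a negative "absolute value" into the division.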

Affected Version(s)

Linux ec0e2da95f72d4a46050a4d994e4fe471474fd80 < 694ea55f1b1c74f9942d91ec366ae9e822422e42

Linux ec0e2da95f72d4a46050a4d994e4fe471474fd80 < 9ab1227765c446942f290c83382f0b19887c55cf

Linux ec0e2da95f72d4a46050a4d994e4fe471474fd80

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
