CVE-2026-31770
Awaiting Analysis
Division by Zero in Linux Kernel hwmon OCC Driver

Publication date: 2026-05-01

Last updated on: 2026-05-01

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

hwmon: (occ) Fix division by zero in occ_show_power_1()

In occ_show_power_1() case 1, the accumulator is divided by update_tag without checking for zero. If no samples have been collected yet (e.g. during early boot when the sensor block is included but hasn't been updated), update_tag is zero, causing a kernel divide-by-zero crash.

The 2019 fix in commit 211186cae14d ("hwmon: (occ) Fix division by zero issue") only addressed occ_get_powr_avg() used by occ_show_power_2() and occ_show_power_a0(). This separate code path in occ_show_power_1() was missed.

Fix this by reusing the existing occ_get_powr_avg() helper, which already handles the zero-sample case and uses mul_u64_u32_div() to multiply before dividing for better precision. Move the helper above occ_show_power_1() so it is visible at the call site.

[groeck: Fix alignment problems reported by checkpatch]
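The zero-sample guard and the multiply-before-divide ordering described above, as an added user-space C model. It is not the kernel's code: the function names, the scalar parameters and the 1000000 scale factor are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed scale factor for this model (not taken from the page). */
#define SCALE 1000000ULL

/*
 * Pre-fix shape: the accumulator is divided by update_tag with no zero
 * check. With update_tag == 0 this is undefined behaviour in C; in user
 * space the process is typically killed with SIGFPE.
 * Dividing first also discards the fractional part before scaling.
 */
uint64_t avg_unguarded(uint32_t accumulator, uint32_t update_tag)
{
    uint64_t val = accumulator / update_tag;

    return val * SCALE;
}

/*
 * Post-fix shape: report 0 when no samples exist, otherwise multiply
 * before dividing. A 32-bit accumulator times 1000000 fits in 64 bits,
 * so the product cannot overflow in this model.
 */
uint64_t avg_guarded(uint32_t accumulator, uint32_t update_tag)
{
    if (update_tag == 0)
        return 0;

    return ((uint64_t)accumulator * SCALE) / update_tag;
}

int main(void)
{
    /* Constructed sample: a sum of 10 collected over 4 samples. */
    printf("divide first:   %llu\n", (unsigned long long)avg_unguarded(10, 4));
    printf("multiply first: %llu\n", (unsigned long long)avg_guarded(10, 4));
    /* Constructed early-boot state: nothing collected yet. */
    printf("no samples:     %llu\n", (unsigned long long)avg_guarded(0, 0));
    /* avg_unguarded(0, 0) is deliberately not called: it would trap. */
    return 0;
}
```

With the constructed sample, dividing first yields 2000000 while multiplying first yields 2500000, which is the precision difference the commit message refers to.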
Meta Information
Published: 2026-05-01
Last Modified: 2026-05-01
Generated: 2026-05-07
AI Q&A: 2026-05-01
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor Product Version / Range
linux linux_kernel *
CWE ID Description
CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's hardware monitoring (hwmon) subsystem, specifically in the function occ_show_power_1(). The issue is a division by zero error that occurs because the code divides an accumulator by a variable called update_tag without checking if update_tag is zero.

If no sensor samples have been collected yet, such as during early boot when the sensor block is included but not updated, update_tag is zero. This causes the kernel to crash due to a divide-by-zero error.

A previous fix in 2019 addressed a similar issue in related functions but missed this particular code path. The fix involves reusing an existing helper function that properly handles the zero-sample case and performs multiplication before division for better precision.


How can this vulnerability impact me?

This vulnerability can cause the Linux kernel to crash unexpectedly due to a division by zero error in the hardware monitoring subsystem.

Such a kernel crash can lead to system instability, unexpected reboots, or downtime, which may affect the availability and reliability of systems running vulnerable Linux kernel versions.

