CVE-2026-31770

Summary

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (occ) Fix division by zero in occ_show_power_1()

In occ_show_power_1() case 1, the accumulator is divided by update_tag without checking for zero. If no samples have been collected yet (e.g. during early boot when the sensor block is included but hasn't been updated), update_tag is zero, causing a kernel divide-by-zero crash.

The 2019 fix in commit 211186cae14d ("hwmon: (occ) Fix division by zero issue") only addressed occ_get_powr_avg() used by occ_show_power_2() and occ_show_power_a0(). This separate code path in occ_show_power_1() was missed.

Fix this by reusing the existing occ_get_powr_avg() helper, which already handles the zero-sample case and uses mul_u64_u32_div() to multiply before dividing for better precision. Move the helper above occ_show_power_1() so it is visible at the call site.

[groeck: Fix alignment problems reported by checkpatch]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < c7d3712362c8ab8f82f441b649d9e446e7b9aa9daffected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < 53e6175756b8c474b6247bbcea0aad3d68357475affected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < 2502684b9e835de9a992ec47c3e6c6faabe3858daffected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < 37ae8fadc74ed68e5bc364ffd17746d88e449ae3affected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < bbbefc48f6617cfb738dcff7f44beb50b5dfeb38affected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < 243d55bd3f08cb15eee9d63f4716d4d4cdd760f5affected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < 7b89ce0c98bf3015f493ca4285b2d1056cd8c733affected
LinuxLinuxc10e753d43ebd1d17e1c62bcee20c6124c2c7cca < 39e2a5bf970402a8530a319cf06122e216ba57b8affected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux5.10.253 <= 5.10.*unaffected
LinuxLinux5.15.203 <= 5.15.*unaffected
LinuxLinux6.1.168 <= 6.1.*unaffected
LinuxLinux6.6.134 <= 6.6.*unaffected
LinuxLinux6.12.81 <= 6.12.*unaffected
LinuxLinux6.18.22 <= 6.18.*unaffected
LinuxLinux6.19.12 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References