PatchSiren cyber security CVE debrief
CVE-2026-31770 Linux CVE debrief
CVE-2026-31770 is a Linux kernel availability issue in the hwmon occ driver. occ_show_power_1() divides by update_tag, the sample counter, without checking it for zero, so a read of the power attribute before any samples have been collected hits a divide-by-zero fault and crashes the kernel, for example during early boot or any similar zero-sample state. The issue is rated medium severity and affects the kernel release lines listed by NVD up to the fixed stable releases.
- Vendor: Linux
- Product: Linux kernel (CVE-2026-31770)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-01
- Original CVE updated: 2026-05-11
- Advisory published: 2026-05-01
- Advisory updated: 2026-05-11
Who should care
Linux kernel maintainers, distribution security teams, embedded and device vendors shipping affected kernel versions, and operators who rely on hwmon/occ sensor reporting for platform monitoring. Systems that expose the occ sensor block early in boot deserve particular attention, because the fault can be triggered before normal sampling has produced a single reading.
Technical summary
The vulnerable code path is the sysfs show function occ_show_power_1(). Its case 1 divides the sensor's accumulator by update_tag, the count of samples folded into that accumulator, without first checking that any samples exist. If the attribute is read while update_tag is still zero, the kernel executes an integer divide by zero; on x86 that raises a #DE exception and the kernel oopses, and while other architectures differ in detail, the outcome the CVE describes is a crash. The fix replaces the open-coded division with the existing occ_get_powr_avg() helper, which already handles the zero-sample case and uses mul_u64_u32_div() so the scaling is applied before the division with a wider intermediate, giving better precision. NVD maps the weakness to CWE-369 (Divide By Zero) and assigns the CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H: local attack vector, low privileges, no user interaction, availability impact only.
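To make the failure mode and the fix concrete, the following is an added user-space model written for this debrief; it is not code from the kernel tree. The names occ_get_powr_avg and update_tag come from the CVE text, but the struct layout, the byte-order helpers, the divide-then-scale order of the unguarded path and the sample values are assumptions made for the demonstration.

```c
/*
 * Added example, not the kernel's code: a user-space model of the division
 * CVE-2026-31770 describes in occ_show_power_1() case 1, beside a guarded
 * average helper modelled on occ_get_powr_avg(). Struct layout, byte helpers
 * and sample values are assumptions for this demo.
 */
#include <stdint.h>
#include <stdio.h>

/* OCC sensor data is big-endian and unaligned; stand-ins for get_unaligned_be64/be32. */
static uint64_t be64_at(const uint8_t *p)
{
	uint64_t v = 0;
	for (int i = 0; i < 8; i++)
		v = (v << 8) | p[i];
	return v;
}

static uint32_t be32_at(const uint8_t *p)
{
	uint32_t v = 0;
	for (int i = 0; i < 4; i++)
		v = (v << 8) | p[i];
	return v;
}

/* Assumed layout of one power sensor: running sum of readings plus the sample count. */
struct occ_power_demo {
	uint8_t accumulator[8];	/* big-endian sum of samples */
	uint8_t update_tag[4];	/* big-endian number of samples in accumulator */
};

/* Build a sensor block from host-order values (constructed test data). */
static struct occ_power_demo make_power(uint64_t accum, uint32_t samples)
{
	struct occ_power_demo s;

	for (int i = 7; i >= 0; i--, accum >>= 8)
		s.accumulator[i] = (uint8_t)accum;
	for (int i = 3; i >= 0; i--, samples >>= 8)
		s.update_tag[i] = (uint8_t)samples;
	return s;
}

/*
 * Unguarded pattern: divide first, check nothing. With update_tag == 0 this
 * is an integer divide by zero: a #DE trap and an oops inside the kernel on
 * x86, SIGFPE in user space. It must never be reached with a zero tag, which
 * is exactly the guarantee case 1 lacked. (Divide-then-scale order assumed.)
 */
static uint64_t power_avg_unguarded(const struct occ_power_demo *s)
{
	uint64_t val = be64_at(s->accumulator) / be32_at(s->update_tag);

	return val * 1000000ULL;
}

/*
 * Guarded helper modelled on occ_get_powr_avg(): zero samples yields 0
 * instead of a fault, and scaling happens before the division through a
 * 128-bit intermediate (as mul_u64_u32_div() does), keeping the fraction.
 * unsigned __int128 is a GCC/Clang extension.
 */
static uint64_t power_avg_guarded(const struct occ_power_demo *s)
{
	uint32_t samples = be32_at(s->update_tag);

	if (samples == 0)
		return 0;
	return (uint64_t)(((unsigned __int128)be64_at(s->accumulator) * 1000000ULL) / samples);
}

/* Wrappers over host-order inputs, used by the self-check below. */
uint64_t avg_unguarded(uint64_t accum, uint32_t samples)
{
	struct occ_power_demo s = make_power(accum, samples);

	return power_avg_unguarded(&s);
}

uint64_t avg_guarded(uint64_t accum, uint32_t samples)
{
	struct occ_power_demo s = make_power(accum, samples);

	return power_avg_guarded(&s);
}

int main(void)
{
	/* Zero-sample state, e.g. the attribute is read before the first OCC poll. */
	printf("guarded, no samples:    %llu\n", (unsigned long long)avg_guarded(0, 0));
	/* Same data through both paths: the guarded helper also keeps the fraction. */
	printf("unguarded, 7 over 2:    %llu\n", (unsigned long long)avg_unguarded(7, 2));
	printf("guarded,   7 over 2:    %llu\n", (unsigned long long)avg_guarded(7, 2));
	/* avg_unguarded(x, 0) is deliberately never called: it would fault. */
	return 0;
}
```

The zero check is the whole fix; the 128-bit intermediate is why the helper also reports 3500000 where the unguarded divide-then-scale path reports 3000000 for the same seven-over-two input.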
Defensive priority
Medium. In the supplied data this is a local, availability-only kernel crash with no confidentiality or integrity impact, but a kernel panic is operationally significant: it takes down every service on the host, not just sensor reporting, so systems that run the affected driver path should treat it as an uptime risk.
Recommended defensive actions
- Update Linux kernel packages to a version that includes the upstream or stable fix referenced by the official kernel patch links.
- Confirm whether your deployed kernels fall within the affected version ranges listed by NVD; each range ends at the first fixed release of its stable line, so a kernel one patch release behind can still be vulnerable.
- If you maintain a downstream or vendor-backported kernel, verify that the occ driver fix was actually merged into your tree; a fix present only in upstream stable branches does not protect you.
- Patch first on systems that initialize or expose the OCC hwmon sensor block during boot, and on any system where a kernel crash would interrupt service.
- Treat the CVE and NVD records and the linked kernel patches as the authority when validating remediation status in your environment.
Evidence notes
The CVE description states that occ_show_power_1() case 1 divided by update_tag without checking for zero, and that the earlier 2019 fix only covered occ_get_powr_avg() used by other show paths. NVD lists CWE-369 and a CVSS 3.1 vector of AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. NVD also provides affected-version criteria for multiple Linux kernel release lines and includes official kernel patch references on git.kernel.org.
Official resources
- CVE-2026-31770 CVE record (CVE.org)
- CVE-2026-31770 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
Publicly disclosed in the CVE record on 2026-05-01T15:16:40.200Z and modified on 2026-05-11T17:58:07.823Z. Timing in this debrief follows the supplied CVE published/modified dates.