Linux Kernel FBDEV TDFXFB Driver Divide-By-Zero Vulnerability in VSCREENINFO IOCTL

Vulnerability

A divide-by-zero vulnerability has been identified in the Linux kernel's FBDEV TDFXFB driver, specifically within the handling of the FBIOPUT_VSCREENINFO ioctl. This issue arises because the driver directly uses the 'pixclock' variable in a division operation, which can lead to a crash if 'pixclock' is zero. The vulnerability affects the stable versions of the Linux kernel.

Impact

Exploitation of this vulnerability causes a kernel crash, leading to a denial of service condition.

Reproduction

The vulnerability can be reproduced by sending an FBIOPUT_VSCREENINFO ioctl command to the TDFXFB driver with a 'pixclock' value of zero. This will trigger the divide-by-zero error, causing a crash.

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed.
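An added example, not the kernel's or the driver's own code: a user-space C model of the input validation whose absence the Vulnerability section describes, rejecting a zero 'pixclock' before it is used as a divisor. The struct, the function names and the 270000 kHz limit are assumptions made for illustration; only the picoseconds-to-kHz conversion mirrors the kernel's PICOS2KHZ() macro.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for the kernel's struct fb_var_screeninfo. Only the
 * field involved in this bug is modeled: pixclock, the pixel period in
 * picoseconds, which the ioctl caller fully controls. */
struct var_info {
    uint32_t pixclock;
};

/* Assumed hardware ceiling in kHz, constructed for this example. */
#define MAX_PIXCLOCK_KHZ 270000UL

/* Period (ps) to frequency (kHz), the conversion the kernel's PICOS2KHZ()
 * macro performs. The caller-supplied value is the divisor. */
static unsigned long picos_to_khz(uint32_t picos)
{
    return 1000000000UL / picos;
}

/* Model of a check_var-style validator: returns 0 if the mode is acceptable,
 * -EINVAL otherwise. The zero test must come before any division. */
int check_var_hardened(const struct var_info *var)
{
    if (var == NULL || var->pixclock == 0)
        return -EINVAL;
    if (picos_to_khz(var->pixclock) > MAX_PIXCLOCK_KHZ)
        return -EINVAL;
    return 0;
}

int main(void)
{
    /* Constructed inputs: zero, too fast, boundary pair, 640x480@60. */
    const uint32_t samples[] = { 0, 1, 3703, 3704, 39721 };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        struct var_info v = { .pixclock = samples[i] };
        printf("pixclock=%u -> %d\n", (unsigned)samples[i],
               check_var_hardened(&v));
    }
    return 0;
}
```

On a kernel that lacks such a check, the same zero value reaches the division inside the driver and the result is the crash described under Impact.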

Added: Apr 24, 2026, 5:24 PM
Updated: Apr 24, 2026, 5:24 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 6.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.