cve 2026 31423

CVE-2026-31423 is a Linux kernel vulnerability in the sch_hfsc traffic scheduler that could cause a divide-by-zero error in the rtsc_min() function. The bug occurred when an internal slope calculation produced a boundary value that was silently truncated to zero, leading to a kernel oops in the concave-curve intersection path. The fix widened the divisor from u32 to u64 and switched to div64_u64(). Published on April 13, 2026, the vulnerability is addressed in stable kernel updates. While this is a Linux-specific issue, Windows users and IT professionals monitoring cross-platform security advisories may encounter it in vulnerability databases or when managing mixed environments.