Common Weakness Enumeration

CWE-369

Allowed

Divide By Zero

Abstraction: Base · Status: Draft

The product divides a value by zero.

579 vulnerabilities reference this CWE, most recent first.

GHSA-464Q-CQXQ-XHGR

Vulnerability from github – Published: 2026-03-23 06:30 – Updated: 2026-03-30 19:30
VLAI
Summary
jsrsasign: Division by Zero Allows Invalid JWK Modulus to Cause Deterministic Zero Output in RSA Operations
Details

Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations (e.g., verify and encryption) to collapse to deterministic zero outputs and hide “invalid key” errors by supplying a JWK whose modulus decodes to zero.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "jsrsasign"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "11.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-4603"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-30T19:30:16Z",
    "nvd_published_at": "2026-03-23T06:16:22Z",
    "severity": "LOW"
  },
  "details": "Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations (e.g., verify and encryption) to collapse to deterministic zero outputs and hide \u201cinvalid key\u201d errors by supplying a JWK whose modulus decodes to zero.",
  "id": "GHSA-464q-cqxq-xhgr",
  "modified": "2026-03-30T19:30:16Z",
  "published": "2026-03-23T06:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4603"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kjur/jsrsasign/pull/649"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kjur/jsrsasign/commit/dc41d49fac4297e7a737a3ef8ebd0aa9c49ef93f"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/Kr0emer/5366b7364c4fbf7e754bc377f321e9f3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kjur/jsrsasign"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JS-JSRSASIGN-15371176"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "jsrsasign: Division by Zero Allows Invalid JWK Modulus to Cause Deterministic Zero Output in RSA Operations"
}

GHSA-49W9-5V8P-JCMW

Vulnerability from github – Published: 2025-02-27 03:34 – Updated: 2025-03-05 15:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: sn-f-ospi: Fix division by zero

When there is no dummy cycle in the spi-nor commands, both dummy bus cycle bytes and width are zero. Because of the cpu's warning when divided by zero, the warning should be avoided. Return just zero to avoid such calculations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21793"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-27T03:15:20Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
  "id": "GHSA-49w9-5v8p-jcmw",
  "modified": "2025-03-05T15:30:50Z",
  "published": "2025-02-27T03:34:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21793"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3588b1c0fde2f58d166e3f94a5a58d64b893526c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4df6f005bef04a3dd16c028124a1b5684db3922b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7434135553bc03809a55803ee6a8dcaae6240d55"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/966328191b4c389c0f2159fa242915f51cbc1679"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4C27-WWV3-V6H2

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2023-05-22 03:30
VLAI
Details

A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20243"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-09T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.",
  "id": "GHSA-4c27-wwv3-v6h2",
  "modified": "2023-05-22T03:30:15Z",
  "published": "2022-05-24T17:43:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20243"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/pull/3193"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928958"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4H39-WWJ7-HQ2M

Vulnerability from github – Published: 2024-07-05 09:33 – Updated: 2024-07-08 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

fbdev: savage: Handle err return when savagefb_check_var failed

The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero") checks the value of pixclock to avoid divide-by-zero error. However the function savagefb_probe doesn't handle the error return of savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39475"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-05T07:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Handle err return when savagefb_check_var failed\n\nThe commit 04e5eac8f3ab(\"fbdev: savage: Error out if pixclock equals zero\")\nchecks the value of pixclock to avoid divide-by-zero error. However\nthe function savagefb_probe doesn\u0027t handle the error return of\nsavagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.",
  "id": "GHSA-4h39-wwj7-hq2m",
  "modified": "2024-07-08T18:31:16Z",
  "published": "2024-07-05T09:33:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39475"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/32f92b0078ebf79dbe4827288e0acb50d89d3d5b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4b2c67e30b4e1d2ae19dba8b8e8f3b5fd3cf8089"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f446859bfa46df0ffb34149499f48a2c2d8cd95"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6ad959b6703e2c4c5d7af03b4cfd5ff608036339"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/86435f39c18967cdd937d7a49ba539cdea7fb547"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b8385ff814ca4cb7e63789841e6ec2a14c73e1e8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/be754cbd77eaf2932408a4e18532e4945274a5c7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/edaa57480b876e8203b51df7c3d14a51ea6b09e3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HJR-56F9-J54W

Vulnerability from github – Published: 2025-01-21 12:30 – Updated: 2025-09-26 21:30
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

gve: guard XDP xmit NDO on existence of xdp queues

In GVE, dedicated XDP queues only exist when an XDP program is installed and the interface is up. As such, the NDO XDP XMIT callback should return early if either of these conditions are false.

In the case of no loaded XDP program, priv->num_xdp_queues=0 which can cause a divide-by-zero error, and in the case of interface down, num_xdp_queues remains untouched to persist XDP queue count for the next interface up, but the TX pointer itself would be NULL.

The XDP xmit callback also needs to synchronize with a device transitioning from open to close. This synchronization will happen via the GVE_PRIV_FLAGS_NAPI_ENABLED bit along with a synchronize_net() call, which waits for any RCU critical sections at call-time to complete.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-57932"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-21T12:15:26Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: guard XDP xmit NDO on existence of xdp queues\n\nIn GVE, dedicated XDP queues only exist when an XDP program is installed\nand the interface is up. As such, the NDO XDP XMIT callback should\nreturn early if either of these conditions are false.\n\nIn the case of no loaded XDP program, priv-\u003enum_xdp_queues=0 which can\ncause a divide-by-zero error, and in the case of interface down,\nnum_xdp_queues remains untouched to persist XDP queue count for the next\ninterface up, but the TX pointer itself would be NULL.\n\nThe XDP xmit callback also needs to synchronize with a device\ntransitioning from open to close. This synchronization will happen via\nthe GVE_PRIV_FLAGS_NAPI_ENABLED bit along with a synchronize_net() call,\nwhich waits for any RCU critical sections at call-time to complete.",
  "id": "GHSA-4hjr-56f9-j54w",
  "modified": "2025-09-26T21:30:27Z",
  "published": "2025-01-21T12:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57932"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/35f44eed5828cf1bc7e760d1993ed8549ba41c7b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cbe9eb2c39d09f3c8574febcfa39d8c09d0c7cb5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff7c2dea9dd1a436fc79d6273adffdcc4a7ffea3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HR6-49G3-G573

Vulnerability from github – Published: 2023-08-31 18:30 – Updated: 2023-08-31 18:30
VLAI
Details

Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4678"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-31T16:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.",
  "id": "GHSA-4hr6-49g3-g573",
  "modified": "2023-08-31T18:30:28Z",
  "published": "2023-08-31T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4678"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4JM9-V433-WX3F

Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2022-10-07 18:15
VLAI
Details

WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1010315"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-07-11T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.",
  "id": "GHSA-4jm9-v433-wx3f",
  "modified": "2022-10-07T18:15:49Z",
  "published": "2022-05-24T16:50:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010315"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dbry/WavPack/issues/65"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4062-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4M6C-V88J-QQXH

Vulnerability from github – Published: 2024-04-03 18:30 – Updated: 2025-02-27 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

fbdev: savage: Error out if pixclock equals zero

The userspace program could pass any values to the driver through ioctl() interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error.

Although pixclock is checked in savagefb_decode_var(), but it is not checked properly in savagefb_probe(). Fix this by checking whether pixclock is zero in the function savagefb_check_var() before info->var.pixclock is used as the divisor.

This is similar to CVE-2022-3061 in i740fb which was fixed by commit 15cf0b8.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26778"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-03T17:15:53Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Error out if pixclock equals zero\n\nThe userspace program could pass any values to the driver through\nioctl() interface. If the driver doesn\u0027t check the value of pixclock,\nit may cause divide-by-zero error.\n\nAlthough pixclock is checked in savagefb_decode_var(), but it is not\nchecked properly in savagefb_probe(). Fix this by checking whether\npixclock is zero in the function savagefb_check_var() before\ninfo-\u003evar.pixclock is used as the divisor.\n\nThis is similar to CVE-2022-3061 in i740fb which was fixed by\ncommit 15cf0b8.",
  "id": "GHSA-4m6c-v88j-qqxh",
  "modified": "2025-02-27T15:31:49Z",
  "published": "2024-04-03T18:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26778"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/070398d32c5f3ab0e890374904ad94551c76aec4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/224453de8505aede1890f007be973925a3edf6a1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/512ee6d6041e007ef5bf200c6e388e172a2c5b24"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/84dce0f6a4cc5b7bfd7242ef9290db8ac1dd77ff"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8c54acf33e5adaad6374bf3ec1e3aff0591cc8e1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a9ca4e80d23474f90841251f4ac0d941fa337a01"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bc3c2e58d73b28b9a8789fca84778ee165a72d13"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4Q34-PQWJ-3CV6

Vulnerability from github – Published: 2025-06-18 12:30 – Updated: 2025-11-19 15:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()

Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug in: drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info->var.pixclock) / hmul); with hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0. and then in: drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par->dac, 0, 1000000000 / pixclock); we'll get a division-by-zero.

The following log can reveal it:

divide error: 0000 [#1] PREEMPT SMP KASAN PTI RIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline] RIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784 Call Trace: fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034 do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110 fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189

Fix this by checking the argument of ark_set_pixclock() first.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50102"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:39Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug\nin:\n  drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info-\u003evar.pixclock) / hmul);\nwith hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0.\nand then in:\n  drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par-\u003edac, 0, 1000000000 / pixclock);\nwe\u0027ll get a division-by-zero.\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline]\nRIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of ark_set_pixclock() first.",
  "id": "GHSA-4q34-pqwj-3cv6",
  "modified": "2025-11-19T15:31:28Z",
  "published": "2025-06-18T12:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50102"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0288fa799e273b08839037499d704dc7bdc13e9a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/15661642511b2b192077684a89f42a8d95d54286"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/236c1502520b7b08955467ec2e50b3232e34f1f9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2f1c4523f7a3aaabe7e53d3ebd378292947e95c8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/76b3f0a0b56e53a960a14624a0f48b3d94b5e7e7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9ebc5031958c1f3a2795e4533b4091d77c738d14"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a249e1b89ca25e1c34bdf96154e3f6224a91a9af"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b9a66f23612b84617e04412169e155a4b92f632d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4R58-H5CF-8QGJ

Vulnerability from github – Published: 2026-02-08 00:30 – Updated: 2026-02-08 00:30
VLAI
Details

A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-15564"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-07T22:16:01Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod\u003c...\u003e::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
  "id": "GHSA-4r58-h5cf-8qgj",
  "modified": "2026-02-08T00:30:57Z",
  "published": "2026-02-08T00:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15564"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mapnik/mapnik/issues/4545"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mapnik/mapnik"
    },
    {
      "type": "WEB",
      "url": "https://github.com/oneafter/1219/blob/main/repro"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.344502"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.344502"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.743386"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.