{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31574", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.119Z", "datePublished": "2026-04-24T14:42:06.707Z", "dateUpdated": "2026-05-11T22:11:25.300Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:11:25.300Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclockevents: Add missing resets of the next_event_forced flag\n\nThe prevention mechanism against timer interrupt starvation missed to reset\nthe next_event_forced flag in a couple of places:\n\n - When the clock event state changes. That can cause the flag to be\n stale over a shutdown/startup sequence\n\n - When a non-forced event is armed, which then prevents rearming before\n that event. If that event is far out in the future this will cause\n missed timer interrupts.\n\n - In the suspend wakeup handler.\n\nThat led to stalls which have been reported by several people.\n\nAdd the missing resets, which fixes the problems for the reporters."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/time/clockevents.c", "kernel/time/tick-broadcast.c"], "versions": [{"version": "d6e152d905bdb1f32f9d99775e2f453350399a6a", "lessThan": "9401b593fa48218d2667df1610b0ebc518554880", "status": "affected", "versionType": "git"}, {"version": "d6e152d905bdb1f32f9d99775e2f453350399a6a", "lessThan": "4096fd0e8eaea13ebe5206700b33f49635ae18e5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/time/clockevents.c", "kernel/time/tick-broadcast.c"], "versions": [{"version": "7.0", "status": "affected"}, {"version": "0", "lessThan": "7.0", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.1", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0", "versionEndExcluding": "7.0.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0", "versionEndExcluding": "7.1-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/9401b593fa48218d2667df1610b0ebc518554880"}, {"url": "https://git.kernel.org/stable/c/4096fd0e8eaea13ebe5206700b33f49635ae18e5"}], "title": "clockevents: Add missing resets of the next_event_forced flag", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B09DF0E2-D04C-4F38-9D27-E4ED446A8F90", "versionEndExcluding": "7.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclockevents: Add missing resets of the next_event_forced flag\n\nThe prevention mechanism against timer interrupt starvation missed to reset\nthe next_event_forced flag in a couple of places:\n\n - When the clock event state changes. That can cause the flag to be\n stale over a shutdown/startup sequence\n\n - When a non-forced event is armed, which then prevents rearming before\n that event. If that event is far out in the future this will cause\n missed timer interrupts.\n\n - In the suspend wakeup handler.\n\nThat led to stalls which have been reported by several people.\n\nAdd the missing resets, which fixes the problems for the reporters."}], "id": "CVE-2026-31574", "lastModified": "2026-04-27T20:34:21.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-24T15:16:32.020", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4096fd0e8eaea13ebe5206700b33f49635ae18e5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9401b593fa48218d2667df1610b0ebc518554880"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: clockevents: Add missing resets of the next_event_forced flag", "id": "2461508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461508"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-821", "details": ["A flaw was found in the Linux kernel's clock event handling. Missing resets of a critical flag can lead to timer interrupt starvation and system stalls. This vulnerability could allow an attacker to cause a denial of service (DoS) by making the system unresponsive."], "name": "CVE-2026-31574", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31574\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31574\nhttps://lore.kernel.org/linux-cve-announce/2026042409-CVE-2026-31574-ff0b@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[d6e152d905bdb1f32f9d99775e2f453350399a6a,9401b593fa48218d2667df1610b0ebc518554880)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[d6e152d905bdb1f32f9d99775e2f453350399a6a,4096fd0e8eaea13ebe5206700b33f49635ae18e5)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[7.0,7.0]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.1,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.1-rc1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-28T14:08:54.320994+00:00", "value": {"mitigation_remediation": ["Upgrade the Linux kernel to the latest stable release that contains the commit resetting the next_event_forced flag, or apply the patch manually to the kernel source.", "Reboot the system so that the flag is cleared and the new code path is active.", "Run a suite of latency or CPU\u2011bound tests (e.g., stress-ng, perf) to confirm that timers fire correctly and that no new stalls occur."], "summary": {"action": "Update Kernel", "impact": "Denial of Service (system stalls)"}, "threat_synthesis": {"affected_systems": "The flaw is confined to the Linux kernel itself. All kernel versions that contained the buggy clockevents implementation before the patch are potentially affected. The exact release range is not specified, so any kernel lacking the provided commit to reset next_event_forced in the described paths is at risk.", "description_and_impact": "In the Linux kernel a missing reset of the next_event_forced flag within the clockevents subsystem caused the flag to remain stale in several code paths. When the flag persisted, scheduled timer interrupts were unintentionally suppressed, leading to periods where the system waited for a forced event that never arrived. This manifested as visible system stalls and degraded responsiveness.", "risk_and_exploitability": "The CVSS score of 5.5 indicates a medium severity and the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to trigger a circular reset or initiate a reboot sequence on a system that has not yet applied the patch. With local or root access, invoking the stale flag path could force the kernel into a state of missing timer interrupts, effectively denying service to user applications that rely on timely scheduling. No public exploit so far has been reported, so the risk remains mainly theoretical but not negligible."}}}}, "created": "2026-04-27T19:00:15.730367+00:00", "updated": "2026-04-28T14:15:34.913779+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}