Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.31.1, < 5.10.253 |
References
- https://git.kernel.org/stable/c/4bcd1615a4e2a185ae9edd27b4143d7dfa7134f4Patch
- https://git.kernel.org/stable/c/673d2a3eef6e0ee9736501a150c9e4024a4e60a6Patch
- https://git.kernel.org/stable/c/80ce4cb026f0a4c4532b6cad827b44debda6256aPatch
- https://git.kernel.org/stable/c/82843afc19012a29ba863961ef494165aa1a88f4Patch
- https://git.kernel.org/stable/c/a8c26800e0220e1550af012f5a20e50f5c78864dPatch
- https://git.kernel.org/stable/c/b1e0c8d3ab58a0161db487bf5fc47adfcaf5d5caPatch
- https://git.kernel.org/stable/c/e3842779547c83150569071d9980517cc9029fc0Patch
- https://git.kernel.org/stable/c/ea245d78dec594372e27d8c79616baf49e98a4a1Patch
FAQ
What is CVE-2026-31670?
CVE-2026-31670 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill even...
How severe is CVE-2026-31670?
CVE-2026-31670 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-31670?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.