CVE-2026-31670 PUBLISHED

net: rfkill: prevent unlimited numbers of rfkill events from being created

Assigner: Linux
Reserved: 09.03.2026 Published: 24.04.2026 Updated: 25.04.2026

In the Linux kernel, the following vulnerability has been resolved:

net: rfkill: prevent unlimited numbers of rfkill events from being created

Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to 4bcd1615a4e2a185ae9edd27b4143d7dfa7134f4 (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to b1e0c8d3ab58a0161db487bf5fc47adfcaf5d5ca (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to e3842779547c83150569071d9980517cc9029fc0 (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to 673d2a3eef6e0ee9736501a150c9e4024a4e60a6 (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to 82843afc19012a29ba863961ef494165aa1a88f4 (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to a8c26800e0220e1550af012f5a20e50f5c78864d (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to 80ce4cb026f0a4c4532b6cad827b44debda6256a (excl.)
  • affected from c64fb01627e24725d1f9d535e4426475a4415753 to ea245d78dec594372e27d8c79616baf49e98a4a1 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 2.6.31 is affected
  • unaffected from 0 to 2.6.31 (excl.)
  • unaffected from 5.10.253 to 5.10.* (incl.)
  • unaffected from 5.15.203 to 5.15.* (incl.)
  • unaffected from 6.1.169 to 6.1.* (incl.)
  • unaffected from 6.6.135 to 6.6.* (incl.)
  • unaffected from 6.12.82 to 6.12.* (incl.)
  • unaffected from 6.18.23 to 6.18.* (incl.)
  • unaffected from 6.19.13 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References