VDB
DEBIAN-CVE-2026-31670
DEBIAN-CVE-2026-31670
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | linux | 6.12.9-1, 6.1.99-1, 6.1.98-1 |
| Debian:11 | linux | 5.16.7-2, 6.1.20-2, 6.1.25-1 |
| Debian:13 | linux | 6.12.38-1, 6.12.41-1, 6.12.43-1 |
| Debian:14 | linux | 6.18.14-1, 6.18.13-1, 6.18.12-1 |
| Debian:11 | linux-6.1 | 6.1.106-3, 6.1.106-3, 6.1.106-3 |
Exploit Intelligence
- 4694.0.0.yml (github-poc)
Timeline
- Apr 24, 2026 CVE Published
- May 2, 2026 CVE Updated