VDB

DEBIAN-CVE-2026-31670

DEBIAN-CVE-2026-31670 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:12linux6.12.9-1, 6.1.99-1, 6.1.98-1
Debian:11linux5.16.7-2, 6.1.20-2, 6.1.25-1
Debian:13linux6.12.38-1, 6.12.41-1, 6.12.43-1
Debian:14linux6.18.14-1, 6.18.13-1, 6.18.12-1
Debian:11linux-6.16.1.106-3, 6.1.106-3, 6.1.106-3

Exploit Intelligence

Timeline

  • Apr 24, 2026 CVE Published
  • May 2, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›