Description
In the Linux kernel, the following vulnerability has been resolved:

net: rfkill: prevent unlimited numbers of rfkill events from being created

Userspace can create an unlimited number of rfkill events if the system
is so configured, while not consuming them from the rfkill file
descriptor, causing a potential out of memory situation. Prevent this
from bounding the number of pending rfkill events at a "large" number
(i.e. 1000) to prevent abuses like this.
Published: 2026-04-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential out-of-memory condition due to unlimited rfkill events
Action: Apply Patch
AI Analysis

Impact

The vulnerability allows a userspace application to create an unlimited number of rfkill events in the Linux kernel, which can exhaust kernel memory and trigger an out‑of‑memory situation. This uncontrolled resource consumption corresponds to CWE‑770 and can degrade system stability by consuming critical kernel memory.

Affected Systems

All Linux kernel builds that predate the patch are affected. The Common Platform Enumeration strings cover kernels from 2.6.31 through multiple 7.0 release candidates, indicating a broad impact across legacy and current kernel versions.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, and the EPSS score of less than 1% suggests low current exploitation likelihood. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local: a process with write access to the rfkill interface can repeatedly issue event creation commands without consuming the resulting events from the rfkill file descriptor, and the kernel previously accepted an unlimited number of them. After the patch, the number of pending events is bounded at a large number (1000) to prevent abuse. Because the bug requires interaction with the rfkill subsystem, users with sufficient permissions or access to the userspace rfkill utilities can trigger the issue prior to patching.

Generated by OpenCVE AI on April 28, 2026 at 13:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that contains the rfkill event‑bounding patch.
  • Reboot the system or reload the kernel module so that the updated code is active.
  • If a kernel update is not immediately feasible, restrict rfkill write permissions or disable rfkill functionality on the host to prevent creation of excessive events.
  • Monitor kernel memory usage for abnormal spikes that could indicate a related resource exhaustion attempt.

Advisories

Source       ID           Title
Debian DLA   DLA-4561-1   linux-6.1 security update
Debian DSA   DSA-6238-1   linux security update
Debian DSA   DSA-6243-1   linux security update

History

Mon, 27 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*

Sat, 25 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-770
References
Metrics
  Values Removed: threat_severity: None
  Values Added: cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}; threat_severity: Low

Fri, 24 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.
Title net: rfkill: prevent unlimited numbers of rfkill events from being created
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:13:22.249Z

Reserved: 2026-03-09T15:48:24.130Z

Link: CVE-2026-31670

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-04-24T15:16:46.790

Modified: 2026-04-27T20:10:26.567

Link: CVE-2026-31670

Red Hat

Severity: Low

Public Date: 2026-04-24T00:00:00Z

Links: CVE-2026-31670 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-28T13:45:06Z

Weaknesses