CVE-2026-31670
net: rfkill: prevent unlimited numbers of rfkill events from being created
In the Linux kernel, the following vulnerability has been resolved:
net: rfkill: prevent unlimited numbers of rfkill events from being created
Userspace can create an unlimited number of rfkill events if the system
is so configured, while not consuming them from the rfkill file
descriptor, causing a potential out of memory situation. Prevent this
from bounding the number of pending rfkill events at a "large" number
(i.e. 1000) to prevent abuses like this.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/4bcd1615a4e2a185ae9edd27b4143d7dfa7134f4https://git.kernel.org/stable/c/673d2a3eef6e0ee9736501a150c9e4024a4e60a6https://git.kernel.org/stable/c/80ce4cb026f0a4c4532b6cad827b44debda6256ahttps://git.kernel.org/stable/c/82843afc19012a29ba863961ef494165aa1a88f4https://git.kernel.org/stable/c/a8c26800e0220e1550af012f5a20e50f5c78864dhttps://git.kernel.org/stable/c/b1e0c8d3ab58a0161db487bf5fc47adfcaf5d5cahttps://git.kernel.org/stable/c/e3842779547c83150569071d9980517cc9029fc0https://git.kernel.org/stable/c/ea245d78dec594372e27d8c79616baf49e98a4a1