CVE-2026-31670

EUVD-2026-25563
In the Linux kernel, the following vulnerability has been resolved:

net: rfkill: prevent unlimited numbers of rfkill events from being created

Userspace can create an unlimited number of rfkill events if the system
is so configured, while not consuming them from the rfkill file
descriptor, causing a potential out of memory situation.  Prevent this
from bounding the number of pending rfkill events at a "large" number
(i.e. 1000) to prevent abuses like this.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
2.6.31.1 ≤
𝑥
< 5.10.253
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.203
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.169
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.135
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.82
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.23
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.13
linuxlinux_kernel
2.6.31
linuxlinux_kernel
7.0:rc1
linuxlinux_kernel
7.0:rc2
linuxlinux_kernel
7.0:rc3
linuxlinux_kernel
7.0:rc4
linuxlinux_kernel
7.0:rc5
linuxlinux_kernel
7.0:rc6
linuxlinux_kernel
7.0:rc7
𝑥
= Vulnerable software versions
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.137.1-1.azl3
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/4bcd1615a4e2a185ae9edd27b4143d7dfa7134f4
https://git.kernel.org/stable/c/673d2a3eef6e0ee9736501a150c9e4024a4e60a6
https://git.kernel.org/stable/c/80ce4cb026f0a4c4532b6cad827b44debda6256a
https://git.kernel.org/stable/c/82843afc19012a29ba863961ef494165aa1a88f4
https://git.kernel.org/stable/c/a8c26800e0220e1550af012f5a20e50f5c78864d
https://git.kernel.org/stable/c/b1e0c8d3ab58a0161db487bf5fc47adfcaf5d5ca
https://git.kernel.org/stable/c/e3842779547c83150569071d9980517cc9029fc0
https://git.kernel.org/stable/c/ea245d78dec594372e27d8c79616baf49e98a4a1