Kernel Security Flaw in Linux Affects Multiple Products
CVE-2026-31670

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 April 2026

What is CVE-2026-31670?

A vulnerability in the Linux kernel allows userspace to generate an unrestricted number of rfkill events. If the system is improperly configured and these events are not processed from the rfkill file descriptor, this can lead to a significant out-of-memory situation. To mitigate this risk, it's important to limit the number of pending rfkill events to a large number, specifically 1000, thereby preventing potential exploitations that could destabilize the system.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4bcd1615a4e2a185ae9edd27b4143d7dfa7134f4

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/4bcd1615a4e2a185ae9edd27b...

https://git.kernel.org/stable/c/b1e0c8d3ab58a0161db487bf5...

https://git.kernel.org/stable/c/e3842779547c83150569071d9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31670 Data

JSON