Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

linux — Vulnerabilities & Security Advisories 11727

Browse all 11727 CVE security advisories affecting linux. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Linux serves as the foundational operating system for the majority of internet servers, cloud infrastructure, and embedded devices, powering critical global digital services. Its open-source nature and widespread deployment have historically exposed it to diverse vulnerability classes, including remote code execution, buffer overflows, and privilege escalation flaws within kernel modules and system utilities. While the project maintains rigorous security practices, the sheer volume of code contributes to a high cumulative count of recorded Common Vulnerabilities and Exposures, currently exceeding eleven thousand. Notable incidents often stem from misconfigurations or unpatched legacy components rather than fundamental architectural failures. The community responds rapidly to disclosed threats, yet the extensive attack surface necessitates continuous vigilance. Administrators must prioritize regular updates and strict access controls to mitigate risks associated with this ubiquitous platform, ensuring stability across both enterprise and consumer environments.

Top products by linux: Linux kernel Linux Kernel linux_kernel util-linux kernel: Linux Kernal
CVE IDTitleCVSSSeverityPublished
CVE-2026-23405 apparmor: fix: limit the number of levels of policy namespaces — Linux 5.5AIMediumAI2026-04-01
CVE-2026-23406 apparmor: fix side-effect bug in match_char() macro usage — Linux 7.8 High2026-04-01
CVE-2026-23404 apparmor: replace recursive profile removal with iterative approach — Linux 5.5AIMediumAI2026-04-01
CVE-2026-23403 apparmor: fix memory leak in verify_header — Linux 6.1AIMediumAI2026-04-01
CVE-2026-23402 KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE — Linux 4.7AIMediumAI2026-04-01
CVE-2026-23401 KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE — Linux 8.8AIHighAI2026-04-01
CVE-2026-23400 rust_binder: call set_notification_done() without proc lock — Linux 7.1 -2026-03-29
CVE-2026-23399 nf_tables: nft_dynset: fix possible stateful expression memleak in error path — Linux 5.5 -2026-03-28
CVE-2026-23398 icmp: fix NULL pointer dereference in icmp_tag_validation() — Linux 6.5 -2026-03-26
CVE-2026-23397 nfnetlink_osf: validate individual option lengths in fingerprints — Linux 7.5 -2026-03-26
CVE-2026-23396 wifi: mac80211: fix NULL deref in mesh_matches_local() — Linux 6.5 -2026-03-26
CVE-2026-23395 Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ — Linux 8.8 High2026-03-25
CVE-2026-23394 af_unix: Give up GC if MSG_PEEK intervened. — Linux 6.3 -2026-03-25
CVE-2026-23392 netfilter: nf_tables: release flowtable after rcu grace period on error — Linux 7.8 High2026-03-25
CVE-2026-23393 bridge: cfm: Fix race condition in peer_mep deletion — Linux 7.8 High2026-03-25
CVE-2026-23391 netfilter: xt_CT: drop pending enqueued packets on template removal — Linux 7.8 High2026-03-25
CVE-2026-23390 tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow — Linux 7.7 -2026-03-25
CVE-2026-23389 ice: Fix memory leak in ice_set_ringparam() — Linux 7.1 -2026-03-25
CVE-2026-23388 Squashfs: check metadata block offset is within range — Linux 7.1 -2026-03-25
CVE-2026-23387 pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe() — Linux 7.1 -2026-03-25
CVE-2026-23386 gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL — Linux 7.8 -2026-03-25
CVE-2026-23384 RDMA/ionic: Fix kernel stack leak in ionic_create_cq() — Linux--2026-03-25
CVE-2026-23385 netfilter: nf_tables: clone set on flush only — Linux 5.5 -2026-03-25
CVE-2026-23383 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing — Linux 7.8 High2026-03-25
CVE-2026-23382 HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them — Linux 5.5 -2026-03-25
CVE-2026-23381 net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled — Linux 6.2 -2026-03-25
CVE-2026-23380 tracing: Fix WARN_ON in tracing_buffers_mmap_close — Linux 5.5 -2026-03-25
CVE-2026-23379 net/sched: ets: fix divide by zero in the offload path — Linux 7.7 -2026-03-25
CVE-2026-23378 net/sched: act_ife: Fix metalist update behavior — Linux 7.8 High2026-03-25
CVE-2026-23377 ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz — Linux 5.5 -2026-03-25

This page lists every published CVE security advisory associated with linux. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.