Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

linux — Vulnerabilities & Security Advisories 11727

Browse all 11727 CVE security advisories affecting linux. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Linux serves as the foundational operating system for the majority of internet servers, cloud infrastructure, and embedded devices, powering critical global digital services. Its open-source nature and widespread deployment have historically exposed it to diverse vulnerability classes, including remote code execution, buffer overflows, and privilege escalation flaws within kernel modules and system utilities. While the project maintains rigorous security practices, the sheer volume of code contributes to a high cumulative count of recorded Common Vulnerabilities and Exposures, currently exceeding eleven thousand. Notable incidents often stem from misconfigurations or unpatched legacy components rather than fundamental architectural failures. The community responds rapidly to disclosed threats, yet the extensive attack surface necessitates continuous vigilance. Administrators must prioritize regular updates and strict access controls to mitigate risks associated with this ubiquitous platform, ensuring stability across both enterprise and consumer environments.

Top products by linux: Linux kernel Linux Kernel linux_kernel util-linux kernel: Linux Kernal
CVE IDTitleCVSSSeverityPublished
CVE-2026-23005 x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 — Linux 5.5 -2026-01-25
CVE-2026-23004 dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() — Linux 7.8 High2026-01-25
CVE-2026-23003 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() — Linux 7.5 High2026-01-25
CVE-2026-23002 lib/buildid: use __kernel_read() for sleepable context — Linux 7.1 -2026-01-25
CVE-2026-23001 macvlan: fix possible UAF in macvlan_forward_source() — Linux 7.8 High2026-01-25
CVE-2026-23000 net/mlx5e: Fix crash on profile change rollback failure — Linux 5.5 -2026-01-25
CVE-2026-22999 net/sched: sch_qfq: do not free existing class in qfq_change_class() — Linux 7.8 High2026-01-25
CVE-2026-22998 nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec — Linux 7.5 High2026-01-25
CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts — Linux 7.5 High2026-01-25
CVE-2026-22996 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv — Linux 7.1 -2026-01-25
CVE-2025-71163 dmaengine: idxd: fix device leaks on compat bind and unbind — Linux 5.5 -2026-01-25
CVE-2025-71162 dmaengine: tegra-adma: Fix use-after-free — Linux 6.3 -2026-01-25
CVE-2026-22995 ublk: fix use-after-free in ublk_partition_scan_work — Linux 7.0 -2026-01-23
CVE-2026-22994 bpf: Fix reference count leak in bpf_prog_test_run_xdp() — Linux 7.1 -2026-01-23
CVE-2026-22993 idpf: Fix RSS LUT NULL ptr issue after soft reset — Linux 8.1 -2026-01-23
CVE-2026-22992 libceph: return the handler error from mon_handle_auth_done() — Linux 7.5 High2026-01-23
CVE-2026-22991 libceph: make free_choose_arg_map() resilient to partial allocation — Linux 7.5 High2026-01-23
CVE-2026-22989 nfsd: check that server is running in unlock_filesystem — Linux 6.5 -2026-01-23
CVE-2026-22990 libceph: replace overzealous BUG_ON in osdmap_apply_incremental() — Linux 7.5 High2026-01-23
CVE-2026-22988 arp: do not assume dev_hard_header() does not change skb->head — Linux 7.8 High2026-01-23
CVE-2026-22987 net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy — Linux 6.5 -2026-01-23
CVE-2026-22986 gpiolib: fix race condition for gdev->srcu — Linux 6.3 -2026-01-23
CVE-2026-22985 idpf: Fix RSS LUT NULL pointer crash on early ethtool operations — Linux 5.5 -2026-01-23
CVE-2026-22984 libceph: prevent potential out-of-bounds reads in handle_auth_done() — Linux 9.8 Critical2026-01-23
CVE-2026-22982 net: mscc: ocelot: Fix crash when adding interface under a lag — Linux 5.5 -2026-01-23
CVE-2026-22983 net: do not write to msg_get_inq in callee — Linux 7.8 -2026-01-23
CVE-2026-22981 idpf: detach and close netdevs while handling a reset — Linux 7.1 -2026-01-23
CVE-2026-22980 nfsd: provide locking for v4_end_grace — Linux 7.8 High2026-01-23
CVE-2026-22979 net: fix memory leak in skb_segment_list for GRO packets — Linux 6.2 -2026-01-23
CVE-2026-22978 wifi: avoid kernel-infoleak from struct iw_point — Linux 5.7 -2026-01-23

This page lists every published CVE security advisory associated with linux. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.