Linux — Vulnerabilities & Security Advisories 12711

Browse all 12711 CVE security advisories affecting Linux. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Linux serves as the foundational operating system for the majority of internet servers, cloud infrastructure, and embedded devices, powering critical global digital services. Its open-source nature and widespread deployment have historically exposed it to diverse vulnerability classes, including remote code execution, buffer overflows, and privilege escalation flaws within kernel modules and system utilities. While the project maintains rigorous security practices, the sheer volume of code contributes to a high cumulative count of recorded Common Vulnerabilities and Exposures, currently exceeding eleven thousand. Notable incidents often stem from misconfigurations or unpatched legacy components rather than fundamental architectural failures. The community responds rapidly to disclosed threats, yet the extensive attack surface necessitates continuous vigilance. Administrators must prioritize regular updates and strict access controls to mitigate risks associated with this ubiquitous platform, ensuring stability across both enterprise and consumer environments.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-53266 | netfilter: bridge: make ebt_snat ARP rewrite writable — Linux | 8.8 | High | 2026-06-25 |
| CVE-2026-53265 | dm cache policy smq: check allocation under invalidate lock — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53264 | net/sched: act_api: use RCU with deferred freeing for action lifecycle — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53263 | 6lowpan: fix off-by-one in multicast context address compression — Linux | - | - | 2026-06-25 |
| CVE-2026-53262 | l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53261 | devlink: Release nested relation on devlink free — Linux | - | - | 2026-06-25 |
| CVE-2026-53259 | ipv6: anycast: insert aca into global hash under idev->lock — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53260 | tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req(). — Linux | 9.8 | Critical | 2026-06-25 |
| CVE-2026-53258 | wifi: fix leak if split 6 GHz scanning fails — Linux | - | - | 2026-06-25 |
| CVE-2026-53256 | Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() — Linux | 8.0 | High | 2026-06-25 |
| CVE-2026-53257 | wifi: cfg80211: enforce HE/EHT cap/oper consistency — Linux | - | - | 2026-06-25 |
| CVE-2026-53255 | Bluetooth: MGMT: validate advertising TLV before type checks — Linux | - | - | 2026-06-25 |
| CVE-2026-53254 | Bluetooth: RFCOMM: validate skb length in MCC handlers — Linux | 8.1 | High | 2026-06-25 |
| CVE-2026-53253 | Bluetooth: bnep: reject short frames before parsing — Linux | 7.1 | High | 2026-06-25 |
| CVE-2026-53252 | Bluetooth: fix memory leak in error path of hci_alloc_dev() — Linux | - | - | 2026-06-25 |
| CVE-2026-53250 | xsk: cache csum_start/csum_offset to fix TOCTOU in xsk_skb_metadata() — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53251 | Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync — Linux | - | - | 2026-06-25 |
| CVE-2026-53249 | ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options — Linux | - | - | 2026-06-25 |
| CVE-2026-53248 | net: airoha: Fix use-after-free in metadata dst teardown — Linux | 8.8 | High | 2026-06-25 |
| CVE-2026-53247 | net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown — Linux | 9.8 | Critical | 2026-06-25 |
| CVE-2026-53246 | sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing — Linux | 9.8 | Critical | 2026-06-25 |
| CVE-2026-53245 | net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr — Linux | - | - | 2026-06-25 |
| CVE-2026-53243 | rseq: Fix using an uninitialized stack variable in rseq_exit_user_update() — Linux | - | - | 2026-06-25 |
| CVE-2026-53244 | VFS: fix possible failure to unlock in nfsd4_create_file() — Linux | 7.5 | High | 2026-06-25 |
| CVE-2026-53242 | ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53241 | ALSA: seq: dummy: fix UMP event stack overread — Linux | - | - | 2026-06-25 |
| CVE-2026-53240 | xfrm: iptfs: fix use-after-free on first_skb in __input_process_payload — Linux | 8.8 | High | 2026-06-25 |
| CVE-2026-53239 | xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx() — Linux | 7.8 | High | 2026-06-25 |
| CVE-2026-53237 | gpio: mvebu: fix NULL pointer dereference in suspend/resume — Linux | - | - | 2026-06-25 |
| CVE-2026-53238 | netlabel: validate unlabeled address and mask attribute lengths — Linux | - | - | 2026-06-25 |

This page lists every published CVE security advisory associated with Linux. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.