Vulnerabilities in Linux

12,679 results
Vexday analysis

With 12,630 catalogued CVEs and 1,872 new entries in the last 90 days, Linux shows a volume of vulnerabilities consistent with its large code base and global adoption. The active exploitation rate (only 9 entries in the CISA KEV, representing 0.07% of the total) is below the catalogue-wide average (0.45%), which suggests that, despite the extensive attack surface, the conversion of vulnerabilities into active, confirmed threats remains relatively contained. Even so, CVE-2026-31431 deserves priority attention: with an EPSS of 0.9678, the probability of active exploitation is high, and its KEV status indicates that this risk has already materialized. The most common weakness, CWE-476 (null pointer dereference), is representative of the complexity inherent in kernel-level development and reinforces the need for continuous triage, especially given the 23 vulnerabilities with a publicly available PoC.

CVE-2024-49894 | drm/amd/display: Fix index out of bounds in degamma hardware format translation | EPSS 0.3%
CVE-2026-23139 | HIGH | netfilter: nf_conncount: update last_gc only when GC has been performed | EPSS 0.3%
CVE-2024-27000 | serial: mxs-auart: add spinlock around changing cts state | EPSS 0.3%
CVE-2021-28714 | Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text e | EPSS 0.3%
CVE-2022-3636 | MEDIUM | Linux Kernel Ethernet mtk_ppe.c __mtk_ppe_check_skb use after free | EPSS 0.3%
CVE-2022-48788 | nvme-rdma: fix possible use-after-free in transport error_recovery work | EPSS 0.3%
CVE-2022-3629 | LOW | Linux Kernel af_vsock.c vsock_connect memory leak | EPSS 0.3%
CVE-2024-24858 | MEDIUM | Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set() | EPSS 0.3%
CVE-2024-39495 | HIGH | greybus: Fix use-after-free bug in gb_interface_release due to race condition. | EPSS 0.3%
CVE-2022-33742 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities c | EPSS 0.3%
CVE-2024-49882 | ext4: fix double brelse() the buffer of the extents path | EPSS 0.3%
CVE-2022-3565 | MEDIUM | Linux Kernel Bluetooth l1oip_core.c del_timer use after free | EPSS 0.3%
CVE-2025-21704 | usb: cdc-acm: Check control transfer buffer size before access | EPSS 0.3%
CVE-2024-41042 | netfilter: nf_tables: prefer nft_chain_validate | EPSS 0.3%
CVE-2024-40978 | scsi: qedi: Fix crash while reading debugfs attribute | EPSS 0.3%
CVE-2023-6111 | HIGH | Use-after-free in Linux kernel's netfilter: nf_tables component | EPSS 0.3%
CVE-2022-33740 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities c | EPSS 0.3%
CVE-2022-33741 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities c | EPSS 0.3%
CVE-2022-26365 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities c | EPSS 0.3%
CVE-2024-26602 | sched/membarrier: reduce the ability to hammer on sys_membarrier | EPSS 0.3%