linux security advisories

26 threat alerts tracking vulnerabilities and security advisories that affect linux products.

Vulnios monitors linux CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent linux security news in one place, or click into an individual alert for full detail.

Critical Vulnerability: CVE-2026-43114 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching func
criticalCVE-2026-43114
Critical Vulnerability: CVE-2026-43117 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() If overlay is used on top of btrfs, dentry->d_sb
criticalCVE-2026-43117
Critical Vulnerability: CVE-2026-43186 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() On the receive path, __ioam6_fill_trace_data() uses trace->nodel
criticalCVE-2026-43186
Critical Vulnerability: CVE-2026-43208 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS table for each receive queue would have t
criticalCVE-2026-43208
Critical Vulnerability: CVE-2026-43011 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at line 48 and return
criticalCVE-2026-43011
Critical Vulnerability: CVE-2026-43039 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emac_dispatch_skb_zc() allocates a new skb via na
criticalCVE-2026-43039
Critical Vulnerability: CVE-2026-43038 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the s
criticalCVE-2026-43038
Critical Vulnerability: CVE-2026-31463 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: iomap: fix invalid folio access when i_blkbits differs from I/O granularity Commit aa35dd5cbc06 ("iomap: fix invalid folio access
criticalCVE-2026-31463
Critical Vulnerability: CVE-2016-8437 — linux — linux_kernel
Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#10
criticalCVE-2016-8437
Critical Vulnerability: CVE-2016-8439 — linux — linux_kernel
Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: Q
criticalCVE-2016-8439
Critical Vulnerability: CVE-2016-8438 — linux — linux_kernel
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android
criticalCVE-2016-8438
Critical Vulnerability: CVE-2016-8398 — linux — linux_kernel
Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. Referen
criticalCVE-2016-8398
Critical Vulnerability: CVE-2016-8459 — linux — linux_kernel
Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577
criticalCVE-2016-8459
Critical Vulnerability: CVE-2016-8440 — linux — linux_kernel
Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-316
criticalCVE-2016-8440
Critical Vulnerability: CVE-2016-9555 — linux — linux_kernel
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-o
criticalCVE-2016-9555
Critical Vulnerability: CVE-2016-5343 — linux — linux_kernel
drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products
criticalCVE-2016-5343
Critical Vulnerability: CVE-2014-9410 — linux — linux_kernel
The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM
criticalCVE-2014-9410
Critical Vulnerability: CVE-2015-0573 — linux — linux_kernel
drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows att
criticalCVE-2015-0573
Critical Vulnerability: CVE-2015-8787 — linux — linux_kernel
The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or
criticalCVE-2015-8787
Critical Vulnerability: CVE-2026-31636 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk_verify_authenticator() copies auth_len bytes into a temporary buffer and th
criticalCVE-2026-31636
Critical Vulnerability: CVE-2026-31633 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's a potential integer overflow due to round
criticalCVE-2026-31633
Critical Vulnerability: CVE-2026-31501 — linux — linux_kernel
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5_hdesc_get_psdata() returns a pointer into the CPPI d
criticalCVE-2026-31501
Critical Vulnerability: CVE-2011-1180 — linux — linux_kernel
Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory
criticalCVE-2011-1180
Critical Vulnerability: CVE-2017-13715 — linux — linux_kernel
The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a
criticalCVE-2017-13715
Critical Vulnerability: CVE-2017-0561 — linux — linux_kernel
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due t
criticalCVE-2017-0561
Critical Vulnerability: CVE-2016-10150 — linux — linux_kernel
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possi
criticalCVE-2016-10150

Track linux exposure across your environment

Vulnios automatically cross-references your asset inventory against new linux CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.

Start a free scan

linux security advisories

Critical Vulnerability: CVE-2026-43114 — linux — linux_kernel

Critical Vulnerability: CVE-2026-43117 — linux — linux_kernel

Critical Vulnerability: CVE-2026-43186 — linux — linux_kernel

Critical Vulnerability: CVE-2026-43208 — linux — linux_kernel

Critical Vulnerability: CVE-2026-43011 — linux — linux_kernel

Critical Vulnerability: CVE-2026-43039 — linux — linux_kernel

Critical Vulnerability: CVE-2026-43038 — linux — linux_kernel

Critical Vulnerability: CVE-2026-31463 — linux — linux_kernel

Critical Vulnerability: CVE-2016-8437 — linux — linux_kernel

Critical Vulnerability: CVE-2016-8439 — linux — linux_kernel

Critical Vulnerability: CVE-2016-8438 — linux — linux_kernel

Critical Vulnerability: CVE-2016-8398 — linux — linux_kernel

Critical Vulnerability: CVE-2016-8459 — linux — linux_kernel

Critical Vulnerability: CVE-2016-8440 — linux — linux_kernel

Critical Vulnerability: CVE-2016-9555 — linux — linux_kernel

Critical Vulnerability: CVE-2016-5343 — linux — linux_kernel

Critical Vulnerability: CVE-2014-9410 — linux — linux_kernel

Critical Vulnerability: CVE-2015-0573 — linux — linux_kernel

Critical Vulnerability: CVE-2015-8787 — linux — linux_kernel

Critical Vulnerability: CVE-2026-31636 — linux — linux_kernel

Critical Vulnerability: CVE-2026-31633 — linux — linux_kernel

Critical Vulnerability: CVE-2026-31501 — linux — linux_kernel

Critical Vulnerability: CVE-2011-1180 — linux — linux_kernel

Critical Vulnerability: CVE-2017-13715 — linux — linux_kernel

Critical Vulnerability: CVE-2017-0561 — linux — linux_kernel

Critical Vulnerability: CVE-2016-10150 — linux — linux_kernel

Track linux exposure across your environment