Linux Kernel
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Linux Kernel.
Known Exploited Linux Kernel Vulnerabilities
The following Linux Kernel vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Linux Kernel Improper Ownership Management Vulnerability |
Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. CVE-2023-0386 Exploit Probability: 51.0% |
June 17, 2025 |
| Linux Kernel Out-of-Bounds Access Vulnerability |
Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code. CVE-2024-53197 Exploit Probability: 0.2% |
April 9, 2025 |
| Linux Kernel Out-of-Bounds Read Vulnerability |
Linux Kernel contains an out-of-bounds read vulnerability in the USB-audio driver that allows a local, privileged attacker to obtain potentially sensitive information. CVE-2024-53150 Exploit Probability: 0.2% |
April 9, 2025 |
| Linux Kernel Use of Uninitialized Resource Vulnerability |
The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report. CVE-2024-50302 Exploit Probability: 0.2% |
March 4, 2025 |
| Linux Kernel Out-of-Bounds Write Vulnerability |
Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege. CVE-2024-53104 Exploit Probability: 2.1% |
February 5, 2025 |
| Linux Kernel PIE Stack Buffer Corruption Vulnerability |
Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. CVE-2017-1000253 Exploit Probability: 55.6% |
September 9, 2024 |
| Linux Kernel Heap-Based Buffer Overflow |
Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges. CVE-2022-0185 Exploit Probability: 0.8% |
August 21, 2024 |
| Linux Kernel Use-After-Free Vulnerability |
Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges. CVE-2022-2586 Exploit Probability: 1.5% |
June 26, 2024 |
| Linux Kernel Use-After-Free Vulnerability |
Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation. CVE-2024-1086 Exploit Probability: 79.4% |
May 30, 2024 |
| Linux Kernel Race Condition Vulnerability |
Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service or gain privileges via read and write operations with long strings. CVE-2014-0196 Exploit Probability: 61.2% |
May 12, 2023 |
| Linux Kernel Improper Input Validation Vulnerability |
Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. CVE-2010-3904 Exploit Probability: 2.1% |
May 12, 2023 |
| Linux Kernel Use-After-Free Vulnerability |
Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user. CVE-2023-0266 Exploit Probability: 0.0% |
March 30, 2023 |
| Linux Kernel Privilege Escalation Vulnerability |
The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities against user namespaces, which could lead to privilege escalation. CVE-2021-3493 Exploit Probability: 73.9% |
October 20, 2022 |
| Linux Kernel Privilege Escalation Vulnerability |
Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation. CVE-2013-2094 Exploit Probability: 55.2% |
September 15, 2022 |
| Linux Kernel Integer Overflow Vulnerability |
Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability which allows for privilege escalation. CVE-2013-2596 Exploit Probability: 0.6% |
September 15, 2022 |
| Linux Kernel Improper Input Validation Vulnerability |
The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation. CVE-2013-6282 Exploit Probability: 46.9% |
September 15, 2022 |
| Linux Kernel Privilege Escalation Vulnerability |
The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges. CVE-2014-3153 Exploit Probability: 81.4% |
May 25, 2022 |
| Linux Kernel Privilege Escalation Vulnerability |
Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of "Dirty Pipe." CVE-2022-0847 Exploit Probability: 82.7% |
April 25, 2022 |
| Linux Kernel Privilege Escalation Vulnerability |
Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service or possibly for privilege escalation. CVE-2021-22600 Exploit Probability: 0.1% |
April 11, 2022 |
| Linux Kernel Race Condition Vulnerability |
Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges. CVE-2016-5195 Exploit Probability: 94.2% |
March 3, 2022 |
Of the known exploited vulnerabilities above, 4 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 6 known exploited Linux Kernel vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
Top 10 Riskiest Linux Kernel Vulnerabilities
Based on the current exploit probability, these Linux Kernel vulnerabilities are on CISA's Known Exploited vulnerabilities list (KEV) and are ranked by the current EPSS exploit probability.
| Rank | CVE | EPSS | Vulnerability |
|---|---|---|---|
| 1 | CVE-2016-5195 | 94.2% | Linux Kernel Race Condition Vulnerability |
| 2 | CVE-2022-0847 | 82.7% | Linux Kernel Privilege Escalation Vulnerability |
| 3 | CVE-2014-3153 | 81.4% | Linux Kernel Privilege Escalation Vulnerability |
| 4 | CVE-2024-1086 | 79.4% | Linux Kernel Use-After-Free Vulnerability |
| 5 | CVE-2019-13272 | 75.4% | Linux Kernel Improper Privilege Management Vulnerability |
| 6 | CVE-2021-3493 | 73.9% | Linux Kernel Privilege Escalation Vulnerability |
| 7 | CVE-2014-0196 | 61.2% | Linux Kernel Race Condition Vulnerability |
| 8 | CVE-2017-1000253 | 55.6% | Linux Kernel PIE Stack Buffer Corruption Vulnerability |
| 9 | CVE-2013-2094 | 55.2% | Linux Kernel Privilege Escalation Vulnerability |
| 10 | CVE-2023-0386 | 51.0% | Linux Kernel Improper Ownership Management Vulnerability |
By the Year
In 2025 there have been 0 vulnerabilities in Linux Kernel. Kernel did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Kernel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Linux Kernel Security Vulnerabilities
The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which
CVE-2010-0309
- February 12, 2010
The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.
Configuration
The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which
CVE-2009-3624
- November 02, 2009
The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands.
Cryptographic Issues
Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring
CVE-2009-2406
- July 31, 2009
Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size.
Buffer Overflow
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30
CVE-2009-1389
- June 16, 2009
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
Buffer Overflow
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5
CVE-2009-1385
- June 04, 2009
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
Numeric Errors
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Linux Kernel or by Linux? Click the Watch button to subscribe.
