Linux security advisories
26 threat alerts tracking vulnerabilities and security advisories that affect Linux products.
Vulnios monitors Linux CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent Linux security news in one place, or click into an individual alert for full detail.
Talos Intelligence Advisory — May 12, 2026
Talos Intelligence published an research on "Talos Intelligence Advisory — May 12, 2026". Topic areas: cisco, talos, malware, threat-intel. Published May 12, 2026. See the original source linked under
criticalUSN-8255-2: Linux kernel (Azure) vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker coul
criticalCVE-2023-2640USN-8266-1: Linux kernel vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary
criticalCVE-2026-23268USN-8267-1: Linux kernel vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary
criticalCVE-2026-23268USN-8254-2: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; -
criticalCVE-2026-23112USN-8265-1: Linux kernel (NVIDIA Tegra) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
criticalCVE-2024-36347USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture
criticalCVE-2023-53421USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture
criticalCVE-2022-49046DSA-6258-1 linux - security update
https://security-tracker.debian.org/tracker/DSA-6258-1
criticalDSA-6253-1 linux - security update
https://security-tracker.debian.org/tracker/DSA-6253-1
criticalVU#260001: Linux kernel contains local privilege escalation vulnerability (Copy Fail)
Overview A privilege escalation vulnerability has been discovered in Linux kernel versions version 4.17 (released 2017) and later. Many popular distributions and Linux-based containers are affected. T
criticalCVE-2026-31431SANS Internet Storm Center Advisory — May 8, 2026
Less than two weeks after the public disclosure of the Copy Fail vulnerability (CVE-2026-31431), another local privilege escalation (LPE) vulnerability in the Linux kernel has been revealed. Referred
criticalCVE-2026-31431Dirty Frag and other issues in Amazon Linux kernels
Bulletin ID: 2026-027-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/07 19:45 PM PDT Description: Amazon is aware of a class of issues in the Linux kernel relate
criticalCVE-2026-31431USN-8254-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; -
criticalCVE-2026-23112USN-8255-1: Linux kernel vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker coul
criticalCVE-2023-2640USN-8258-1: Linux kernel (Azure) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
criticalCVE-2024-36347USN-8260-1: Linux kernel (Azure FIPS) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
criticalCVE-2024-36347USN-8257-1: Linux kernel (Raspberry Pi) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
criticalCVE-2024-36347USN-8245-1: Linux kernel vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
criticalCVE-2024-36347USN-8244-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; -
criticalCVE-2026-23112USN-8179-4: Linux kernel (GCP) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
criticalCVE-2024-36347CVE-2026-31431
Bulletin ID: 2026-026-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/05/06 17:30 PM PDT Description: Amazon is aware of an issue in the Linux kernel (CVE-2026-31431
criticalCVE-2026-31431Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
Copy Fail (CVE-2026-31431) is a critical Linux kernel LPE that allows stealthy root access. This flaw impacts millions of systems. Read our analysis. The post Copy Fail: What You Need to Know About th
criticalCVE-2026-31431CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
criticalCVE-2026-31431Kubernetes v1.36: Pod-Level Resource Managers (Alpha)
Kubernetes v1.36 introduces Pod-Level Resource Managers as an alpha feature, bringing a more flexible and powerful resource management model to performance-sensitive workloads. This enhancement extend
criticalKubernetes v1.36: In-Place Vertical Scaling for Pod-Level Resources Graduates to Beta
Following the graduation of Pod-Level Resources to Beta in v1.34 and the General Availability (GA) of In-Place Pod Vertical Scaling in v1.35, the Kubernetes community is thrilled to announce that In-P
critical
Track Linux exposure across your environment
Vulnios automatically cross-references your asset inventory against new Linux CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan