4 Linux Kernel CVEs in 1999

Full year · Source: NIST NVD

2000

In 1999, 4 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 0 were rated Critical, 2 High severity . July was the most active month, with 2 CVEs published.

4
Total CVEs
0
Critical
2
High
2
Medium
0
Low
0
KEV Exploited

Monthly CVE Breakdown — 1999

CVEs published per month with severity breakdown

Monthly highlight

July (2) was the most active month in 1999. Together the top months account for a significant share of 1999's 4 total CVEs. June (1) had the lowest volume.

Critical
High
Medium
Low
Source: NIST NVD API.

Severity Distribution — 1999

Breakdown across 4 CVEs

Critical 0%
High 50%
Medium 50%
Low 0%
Severity breakdown

50% Medium · 50% High · 0% Critical.

Percentages rounded to nearest integer.

Monthly Counts — 1999

CVE counts by month and severity

Monthly highlight

July was the most active month with 2 CVEs — 50% of 1999's total. June (1) had the lowest volume.

Month Total Critical High Medium Low Share of year
June 1 0 0 1 0
25%
July 2 0 2 0 0
50%
October 1 0 0 1 0
25%
Total 4 0 2 2 0
Click any month to view all CVEs published that month.

All CVEs — 1999

4 CVEs

All (4) Critical (0) High (2) Medium (2) Low (0)
CVE ID Package Severity CVSS Published Description
CVE-1999-1018 linux High 7.5 1999-07-27 IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, w…
CVE-1999-1166 linux High 7.2 1999-07-11 Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by acc…
CVE-1999-0804 linux Medium 5.0 1999-06-01 Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header leng…
CVE-1999-1341 linux Medium 4.6 1999-10-22 Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packe…

1999 Linux Kernel CVE Highlights

  • Volume without critical severity

    Despite high CVE volume, 1999 produced only 0 Critical-rated vulnerabilities. 50% of 1999 CVEs are Medium severity. This means the surge in raw numbers does not represent a proportional surge in high-severity risk.

  • Monthly variation

    CVE publication in 1999 was uneven across months. July was the most active with 2 CVEs. June (1) had the lowest volume. Monthly spikes typically correspond to coordinated batches of backfilled CVEs being processed at once.

Frequently Asked Questions

How many Linux kernel CVEs were published in 1999?

4 Linux kernel CVEs were published in 1999, sourced from the NIST National Vulnerability Database. 0 were rated Critical, 2 High severity .

Which month had the most Linux kernel CVEs in 1999?

July 1999 had the most Linux kernel CVEs of any month in 1999, with 2 published — 50% of all 1999 CVEs. View July 1999 CVEs →

Why were there so many Linux kernel CVEs in 1999?

The volume of Linux kernel CVEs in 1999 reflects the kernel project's expanded use of its own CVE Numbering Authority (CNA), which began systematically publishing CVEs for a broader range of subsystem-level bugs — including many previously unreported or patched without a CVE assignment. This explains why volume remained high while critical severity counts remained very low.

How does 1999 compare to previous years for Linux kernel CVEs?

1999 had 4 CVEs . View the full year-by-year breakdown →

All-time stats 2000 statistics