In 2002, 15 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 0 were rated Critical, 3 High severity . Compared to 2001's 20 CVEs, 2002 represented a decrease of 25% year-on-year. December was the most active month, with 10 CVEs published.
Monthly CVE Breakdown — 2002
CVEs published per month with severity breakdown
December (10) was the most active month in 2002. Together the top months account for a significant share of 2002's 15 total CVEs. January (1) had the lowest volume.
Severity Distribution — 2002
Breakdown across 15 CVEs
20% Medium · 20% High · 0% Critical.
Monthly Counts — 2002
CVE counts by month and severity
December was the most active month with 10 CVEs — 67% of 2002's total. January (1) had the lowest volume.
| Month | Total | Critical | High | Medium | Low | Share of year |
|---|---|---|---|---|---|---|
| January | 1 | 0 | 0 | 1 | 0 |
7%
|
| July | 1 | 0 | 0 | 0 | 1 |
7%
|
| August | 3 | 0 | 0 | 1 | 2 |
20%
|
| December | 10 | 0 | 3 | 1 | 6 |
67%
|
| Total | 15 | 0 | 3 | 3 | 9 |
All CVEs — 2002
15 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2002-1573 | linux | High | 10.0 | 2002-12-31 | Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown… | |
| CVE-2002-1572 | linux | High | 10.0 | 2002-12-31 | Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has … | |
| CVE-2002-2016 | linux | High | 7.2 | 2002-12-31 | User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute ar… | |
| CVE-2002-0510 | linux | Medium | 5.0 | 2002-08-12 | The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, wh… | |
| CVE-2002-0046 | linux | Medium | 5.0 | 2002-01-31 | Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of … | |
| CVE-2002-1826 | linux | Medium | 4.6 | 2002-12-31 | grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly m… | |
| CVE-2002-0429 | linux | Low | 3.6 | 2002-08-12 | The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to … | |
| CVE-2002-1963 | linux | Low | 2.1 | 2002-12-31 | Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a … | |
| CVE-2002-1571 | linux | Low | 2.1 | 2002-12-31 | The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an inf… | |
| CVE-2002-1976 | linux | Low | 2.1 | 2002-12-31 | ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mod… |
2002 Linux Kernel CVE Highlights
-
Volume without critical severity
Despite high CVE volume, 2002 produced only 0 Critical-rated vulnerabilities. 20% of 2002 CVEs are Medium severity. This means the surge in raw numbers does not represent a proportional surge in high-severity risk.
-
Monthly variation
CVE publication in 2002 was uneven across months. December was the most active with 10 CVEs. January (1) had the lowest volume. Monthly spikes typically correspond to coordinated batches of backfilled CVEs being processed at once.