In 2016, 223 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 9 were rated Critical, 105 High severity, and 1 was confirmed as actively exploited in the wild (CISA KEV). Compared to 2015's 86 CVEs, 2016 represented an increase of 159% year-on-year. May was the most active month, with 56 CVEs published.
Monthly CVE Breakdown — 2016
CVEs published per month with severity breakdown
May (56) was the most active month in 2016. Together the top months account for a significant share of 2016's 223 total CVEs. September (1) had the lowest volume.
Severity Distribution — 2016
Breakdown across 223 CVEs
48% Medium · 47% High · 4% Critical.
Monthly Counts — 2016
CVE counts by month and severity
May was the most active month with 56 CVEs — 25% of 2016's total. September (1) had the lowest volume.
| Month | Total | Critical | High | Medium | Low | Share of year |
|---|---|---|---|---|---|---|
| February | 12 | 1 | 3 | 8 | 0 | 5% |
| March | 2 | 0 | 0 | 2 | 0 | 1% |
| April | 30 | 1 | 6 | 23 | 0 | 13% |
| May | 56 | 0 | 28 | 27 | 1 | 25% |
| June | 17 | 0 | 12 | 5 | 0 | 8% |
| July | 7 | 1 | 5 | 1 | 0 | 3% |
| August | 28 | 3 | 13 | 12 | 0 | 13% |
| September | 1 | 0 | 0 | 1 | 0 | 0% |
| October | 19 | 2 | 7 | 10 | 0 | 9% |
| November | 30 | 1 | 16 | 13 | 0 | 13% |
| December | 21 | 0 | 15 | 6 | 0 | 9% |
| Total | 223 | 9 | 105 | 108 | 1 | |
Actively exploited CVEs — 2016
1 CVE confirmed in CISA KEV catalog
All CVEs — 2016
223 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2016-9555 | linux | Critical | 9.8 | 2016-11-28 | The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for t… |
| CVE-2016-7117 | linux | Critical | 9.8 | 2016-10-10 | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows rem… |
| CVE-2016-5343 | linux | Critical | 9.8 | 2016-10-10 | drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm … |
| CVE-2016-5344 | linux | Critical | 9.8 | 2016-08-30 | Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) An… |
| CVE-2014-9410 | linux | Critical | 9.8 | 2016-08-07 | The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel… |
| CVE-2015-0573 | linux | Critical | 9.8 | 2016-08-07 | drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation C… |
| CVE-2016-3955 | linux | Critical | 9.8 | 2016-07-03 | The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attack… |
| CVE-2015-8812 | linux | Critical | 9.8 | 2016-04-27 | drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which… |
| CVE-2015-8787 | linux | Critical | 9.8 | 2016-02-08 | The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attac… |
| CVE-2016-3134 | linux | High | 8.4 | 2016-04-27 | The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local u… |
2016 Linux Kernel CVE Highlights
- Monthly variation
CVE publication in 2016 was uneven across months. May was the most active with 56 CVEs. September (1) had the lowest volume. Monthly spikes typically correspond to coordinated batches of backfilled CVEs being processed at once.