In 2018, 456 Linux kernel CVEs were published, according to the NIST National Vulnerability Database. Of these, 15 were rated Critical, 296 High severity, and 1 was confirmed as actively exploited in the wild (CISA KEV). Compared to 2017's 555 CVEs, 2018 represented a decrease of 18% year-on-year. July was the most active month, with 84 CVEs published.
Monthly CVE Breakdown — 2018
CVEs published per month with severity breakdown
July (84) was the most active month in 2018. Together the top months account for a significant share of 2018's 456 total CVEs. August (10) had the lowest volume.
Severity Distribution — 2018
Breakdown across 456 CVEs
31% Medium · 65% High · 3% Critical.
Monthly Counts — 2018
CVE counts by month and severity
July was the most active month with 84 CVEs — 18% of 2018's total. August (10) had the lowest volume.
| Month | Total | Critical | High | Medium | Low | Share of year |
|---|---|---|---|---|---|---|
| January | 38 | 3 | 25 | 10 | 0 | 8% |
| February | 24 | 1 | 15 | 8 | 0 | 5% |
| March | 60 | 3 | 39 | 18 | 0 | 13% |
| April | 38 | 4 | 19 | 15 | 0 | 8% |
| May | 19 | 0 | 9 | 10 | 0 | 4% |
| June | 48 | 1 | 33 | 14 | 0 | 11% |
| July | 84 | 2 | 45 | 36 | 1 | 18% |
| August | 10 | 0 | 4 | 6 | 0 | 2% |
| September | 67 | 0 | 58 | 9 | 0 | 15% |
| October | 13 | 0 | 5 | 6 | 2 | 3% |
| November | 33 | 0 | 28 | 5 | 0 | 7% |
| December | 22 | 1 | 16 | 5 | 0 | 5% |
| Total | 456 | 15 | 296 | 142 | 3 | |
Actively exploited CVEs — 2018
1 CVE confirmed in CISA KEV catalog
All CVEs — 2018
456 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2018-11905 | linux | Critical | 9.8 | 2018-12-07 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buf… | |
| CVE-2018-3586 | linux | Critical | 9.8 | 2018-07-06 | An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android… | |
| CVE-2018-5855 | linux | Critical | 9.8 | 2018-07-06 | While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM… | |
| CVE-2018-12714 | linux | Critical | 9.8 | 2018-06-24 | An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c co… | |
| CVE-2016-10458 | linux | Critical | 9.8 | 2018-04-18 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410… | |
| CVE-2018-3596 | linux | Critical | 9.8 | 2018-04-03 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux ker… | |
| CVE-2017-18147 | linux | Critical | 9.8 | 2018-04-03 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux ker… | |
| CVE-2018-3599 | linux | Critical | 9.8 | 2018-04-03 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux ker… | |
| CVE-2016-10393 | linux | Critical | 9.8 | 2018-03-15 | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when pr… | |
| CVE-2017-15815 | linux | Critical | 9.8 | 2018-03-15 | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a poten… | |
2018 Linux Kernel CVE Highlights
- Monthly variation: CVE publication in 2018 was uneven across months. July was the most active with 84 CVEs. August (10) had the lowest volume. Monthly spikes typically correspond to coordinated batches of backfilled CVEs being processed at once.