In 2021, 175 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 1 was rated Critical, 85 High severity, and 1 was confirmed as actively exploited in the wild (CISA KEV). Compared to 2020's 132 CVEs, 2021 represented an increase of 33% year-on-year. March was the most active month, with 32 CVEs published.
Monthly CVE Breakdown — 2021
CVEs published per month with severity breakdown
March (32) was the most active month in 2021. Together the top months account for a significant share of 2021's 175 total CVEs. September (5) had the lowest volume.
Severity Distribution — 2021
Breakdown across 175 CVEs
47% Medium · 49% High · 1% Critical.
Monthly Counts — 2021
CVE counts by month and severity
March was the most active month with 32 CVEs — 18% of 2021's total. September (5) had the lowest volume.
| Month | Total | Critical | High | Medium | Low | Share of year |
|---|---|---|---|---|---|---|
| January | 10 | 0 | 5 | 5 | 0 | 6% |
| February | 14 | 0 | 8 | 6 | 0 | 8% |
| March | 32 | 0 | 9 | 23 | 0 | 18% |
| April | 15 | 0 | 8 | 7 | 0 | 9% |
| May | 27 | 0 | 17 | 9 | 1 | 15% |
| June | 16 | 0 | 10 | 6 | 0 | 9% |
| July | 9 | 0 | 6 | 3 | 0 | 5% |
| August | 27 | 0 | 9 | 14 | 4 | 15% |
| September | 5 | 0 | 4 | 1 | 0 | 3% |
| October | 7 | 0 | 4 | 3 | 0 | 4% |
| November | 5 | 1 | 0 | 4 | 0 | 3% |
| December | 8 | 0 | 5 | 2 | 1 | 5% |
| Total | 175 | 1 | 85 | 83 | 6 | |
Actively exploited CVEs — 2021
1 CVE confirmed in CISA KEV catalog
All CVEs — 2021
175 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2021-43267 | linux | Critical | 9.8 | 2021-11-02 | An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communic… |
| CVE-2021-3653 | linux | High | 8.8 | 2021-09-29 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VM… |
| CVE-2021-3491 | linux | High | 8.8 | 2021-06-04 | The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operati… |
| CVE-2021-28660 | linux | High | 8.8 | 2021-03-17 | rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing bey… |
| CVE-2020-28374 | linux | High | 8.1 | 2021-01-13 | In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SC… |
| CVE-2021-45469 | linux | High | 7.8 | 2021-12-23 | In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when… |
| CVE-2018-25020 | linux | High | 7.8 | 2021-12-08 | The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence w… |
| CVE-2021-43057 | linux | High | 7.8 | 2021-10-28 | An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux … |
| CVE-2021-42252 | linux | High | 7.8 | 2021-10-11 | An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14… |
| CVE-2021-42008 | linux | High | 7.8 | 2021-10-05 | The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds wr… |
2021 Linux Kernel CVE Highlights
- Volume without critical severity: Despite high CVE volume, 2021 produced only 1 Critical-rated vulnerability. 47% of 2021 CVEs are Medium severity. This means the surge in raw numbers does not represent a proportional surge in high-severity risk.
- Monthly variation: CVE publication in 2021 was uneven across months. March was the most active with 32 CVEs. September (5) had the lowest volume. Monthly spikes typically correspond to coordinated batches of backfilled CVEs being processed at once.