356 Linux Kernel CVEs in December 2024
Full month · Source: NIST NVD
In December 2024, 356 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 98 were rated High severity and 258 Medium. 3 vulnerabilities were confirmed as actively exploited in the wild via the CISA KEV catalog, including CVE-2024-53197, CVE-2024-53104, CVE-2024-53150 . December's 356 CVEs represent 8% of all 2024 Linux kernel CVEs , up from November's 279 (a 28% month-over-month increase) .
Actively Exploited CVEs — December 2024
3 CVEs in CISA KEV3 Linux kernel CVEs from December 2024 are confirmed as actively exploited in the wild via the CISA KEV catalog: CVE-2024-53197, CVE-2024-53104, CVE-2024-53150 .
| CVE ID | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|
| CVE-2024-53197 | High KEV | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential … | |
| CVE-2024-53104 | High KEV | 7.8 | 2024-12-02 | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing f… | |
| CVE-2024-53150 | High KEV | 7.1 | 2024-12-24 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bou… |
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2024-56740 | linux | High | 7.8 | 2024-12-29 | In the Linux kernel, the following vulnerability has been resolved: nfs/localio: must clear res.replen in nfs_local_rea… | |
| CVE-2024-56695 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy… | |
| CVE-2024-56699 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix potential double remove of hotplug sl… | |
| CVE-2024-56704 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an … | |
| CVE-2024-56678 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting c… | |
| CVE-2024-56708 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation fault on module unlo… | |
| CVE-2024-56684 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: fix wrong use of sizeof in cmdq_… | |
| CVE-2024-56693 | linux | High | 7.8 | 2024-12-28 | In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module ini… | |
| CVE-2024-53213 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with inter… | |
| CVE-2024-53237 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_ch… | |
| CVE-2024-53216 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work T… | |
| CVE-2024-53194 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove … | |
| CVE-2024-53177 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir … | |
| CVE-2024-53208 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in se… | |
| CVE-2024-53218 | linux | High | 7.8 | 2024-12-27 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix race in concurrent f2fs_stop_gc_thread In… |