287 Linux Kernel CVEs in June 2024
Full month · Source: NIST NVD
In June 2024, 287 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 5 were rated Critical, 90 were rated High severity and 191 Medium. CVE-2024-36971 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. June's 287 CVEs represent 7% of all 2024 Linux kernel CVEs , down from May's 1,076 (a 73% month-over-month decrease) .
Actively Exploited CVEs — June 2024
1 CVE in CISA KEVCVE-2024-36971 is the only Linux kernel CVE from June 2024 confirmed as actively exploited in the wild. It carries a CVSS score of 7.8 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.
| CVE ID | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|
| CVE-2024-36971 | High KEV | 7.8 | 2024-06-10 | In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice(… |
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2024-39462 | linux | Critical | 9.8 | 2024-06-25 | In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num before accessing ->hws … | |
| CVE-2024-38623 | linux | Critical | 9.8 | 2024-06-21 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixe… | |
| CVE-2022-48716 | linux | Critical | 9.8 | 2024-06-20 | In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid… | |
| CVE-2024-38541 | linux | Critical | 9.8 | 2024-06-19 | In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalia… | |
| CVE-2024-38612 | linux | Critical | 9.8 | 2024-06-19 | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The err… | |
| CVE-2021-4440 | linux | High | 8.8 | 2024-06-25 | In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGS_SYSRET64 paravirt call commit … | |
| CVE-2024-38605 | linux | High | 8.8 | 2024-06-19 | In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at c… | |
| CVE-2016-20022 | linux | High | 8.4 | 2024-06-27 | In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize fi… | |
| CVE-2024-38384 | linux | High | 8.4 | 2024-06-24 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from reorder of WRI… | |
| CVE-2022-48754 | linux | High | 8.4 | 2024-06-20 | In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd5… | |
| CVE-2024-38616 | linux | High | 8.2 | 2024-06-19 | In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The… | |
| CVE-2024-39463 | linux | High | 7.8 | 2024-06-25 | In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid li… | |
| CVE-2024-38664 | linux | High | 7.8 | 2024-06-24 | In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dpsub: Always register bridge We must a… | |
| CVE-2024-39291 | linux | High | 7.8 | 2024-06-24 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_… | |
| CVE-2024-38667 | linux | High | 7.8 | 2024-06-24 | In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idl… |