Linux Kernel CVE Statistics
737 Linux Kernel CVEs in September 2025
Full month · Source: NIST NVD
In September 2025, 737 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 210 were rated High severity and 527 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. September's 737 CVEs represent 13% of all 2025 Linux kernel CVEs , up from August's 204 (a 261% month-over-month increase) .
737
Total CVEs
0
Critical
210
High
527
Medium
0
Low
0
KEV Exploited
All CVEs — September 2025
737 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2022-50386 | linux | High | 8.0 | 2025-09-18 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2c… | |
| CVE-2025-39873 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: can: xilinx_can: xcan_write_frame(): fix use-after-… | |
| CVE-2025-39882 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: fix potential OF node use-after-free … | |
| CVE-2025-39877 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in state_show() … | |
| CVE-2025-39880 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to ceph_connection_v1… | |
| CVE-2025-39881 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is releas… | |
| CVE-2025-39871 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxd_free The call… | |
| CVE-2025-39888 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported … | |
| CVE-2025-39870 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxd_setup_wqs(… | |
| CVE-2025-39868 | linux | High | 7.8 | 2025-09-23 | In the Linux kernel, the following vulnerability has been resolved: erofs: fix runtime warning on truncate_folio_batch_… | |
| CVE-2025-39864 | linux | High | 7.8 | 2025-09-19 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Fol… | |
| CVE-2025-39861 | linux | High | 7.8 | 2025-09-19 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing… | |
| CVE-2025-39855 | linux | High | 7.8 | 2025-09-19 | In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx->in_use in ice_ptp_ts_ir… | |
| CVE-2025-39862 | linux | High | 7.8 | 2025-09-19 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix list corruption after hardw… | |
| CVE-2025-39866 | linux | High | 7.8 | 2025-09-19 | In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in __mark_inode_d… |