Multiple Linux Kernel Vulnerabilities Prompt dCERT Advisories
dCERT published two advisories, 2025-1332 and 2025-1527, warning of multiple vulnerabilities in the Linux kernel. The notices indicate that separate sets of kernel flaws were significant enough to warrant dedicated advisories, underscoring continued security risk in one of the most widely deployed operating system components across servers, cloud infrastructure, appliances, and embedded systems.
While no public synopsis was included in the referenced advisories, the alerts point organizations to review affected kernel versions, assess exposure across Linux-based assets, and apply vendor-provided updates or mitigations. Because kernel vulnerabilities can affect core system security boundaries and stability, unpatched systems may face elevated risk depending on the specific flaws and deployment context.
How this story unfolded
18 events from the earliest known activity through the most recent confirmed update.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2025-1332
dCERT issued advisory 2025-1332 regarding multiple vulnerabilities in the Linux Kernel. No further technical details or remediation information are provided in the reference.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2025-1527
dCERT issued advisory 2025-1527 regarding multiple vulnerabilities in the Linux Kernel. The reference does not include additional details on affected versions, impact, or fixes.
dCERT publishes Linux Kernel denial-of-service advisory 2025-1832
dCERT issued advisory 2025-1832 for multiple Linux Kernel vulnerabilities that can allow denial of service. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel denial-of-service advisory 2025-2313
dCERT issued advisory 2025-2313 for a Linux Kernel vulnerability that can allow denial of service. The reference does not provide additional technical details, affected versions, or remediation information.
dCERT publishes Linux Kernel denial-of-service advisory 2025-2271
dCERT issued advisory 2025-2271 for multiple Linux Kernel vulnerabilities that can allow denial of service. The reference does not provide additional technical details, affected versions, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2025-2262
dCERT issued advisory 2025-2262 regarding multiple vulnerabilities in the Linux Kernel. The reference does not include additional technical details on affected versions, impact, or remediation.
dCERT publishes Linux Kernel denial-of-service advisory 2025-2238
dCERT issued advisory 2025-2238 for multiple Linux Kernel vulnerabilities that can allow denial of service. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-0864
dCERT issued advisory 2026-0864 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel denial-of-service advisory 2026-0893
dCERT issued advisory 2026-0893 for multiple Linux Kernel vulnerabilities that can allow denial of service. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-0925
dCERT issued advisory 2026-0925 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-0962
dCERT issued advisory 2026-0962 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel DoS/code-execution advisory 2026-1030
dCERT issued advisory 2026-1030 for a Linux Kernel vulnerability that can allow denial of service or code execution. The reference does not provide additional technical details, affected versions, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-1273
dCERT issued advisory 2026-1273 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-1361
dCERT issued advisory 2026-1361 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-1424
dCERT issued advisory 2026-1424 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel privilege-escalation advisory 2026-1502
dCERT issued advisory 2026-1502 for a Linux Kernel vulnerability in Fragnesia that can allow gaining administrative rights. The reference does not provide additional technical details, affected versions, or remediation information.
dCERT publishes Linux Kernel multiple-vulnerability advisory 2026-1491
dCERT issued advisory 2026-1491 regarding multiple vulnerabilities in the Linux Kernel. The reference does not provide additional technical details, affected versions, impact, or remediation information.
dCERT publishes Linux Kernel denial-of-service advisory 2026-1524
dCERT issued advisory 2026-1524 for a Linux Kernel vulnerability that can allow denial of service. The reference does not provide additional technical details, affected versions, impact, or remediation information.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
18 references tracked. Mallory keeps watching after this page renders.
dCERT - Advisory 2026-1502 - Linux Kernel (Fragnesia): Vulnerability allows gaining administrative rights
dcert.de
Open sourcedCERT - Advisory 2026-1524 - Linux Kernel: Vulnerability allows Denial of Service
dcert.de
Open sourcedCERT - Advisory 2026-1491 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1424 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1361 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1273 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-1030 - Linux Kernel: Vulnerability allows Denial of Service or Code Execution
dcert.de
Open sourcedCERT - Advisory 2026-0962 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-0925 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2026-0893 - Linux Kernel: Multiple Vulnerabilities allow Denial of Service
dcert.de
Open sourcedCERT - Advisory 2026-0864 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2025-2271 - Linux Kernel: Multiple Vulnerabilities allow Denial of Service
dcert.de
Open sourcedCERT - Advisory 2025-2313 - Linux Kernel: Vulnerability allows Denial of Service
dcert.de
Open sourcedCERT - Advisory 2025-2238 - Linux Kernel: Multiple Vulnerabilities allow Denial of Service
dcert.de
Open sourcedCERT - Advisory 2025-1832 - Linux Kernel: Multiple Vulnerabilities allow Denial of Service
dcert.de
Open sourcedCERT - Advisory 2025-1332 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2025-1527 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourcedCERT - Advisory 2025-2262 - Linux Kernel: Multiple Vulnerabilities
dcert.de
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Linux Kernel Denial-of-Service Vulnerabilities Prompt dCERT Advisories
dCERT issued two advisories for **Linux Kernel** vulnerabilities that can lead to **denial of service**, identifying the issues as advisory `2026-1017` and advisory `2026-1046`. Both notices describe flaws in the kernel that could allow attackers to disrupt system availability, underscoring continued risk to Linux-based servers, appliances, and endpoints that rely on the affected kernel components. While the advisories do not include public synopses, the paired notices indicate separate Linux Kernel denial-of-service issues requiring review by defenders and system owners. Organizations running Linux should track the affected kernel versions referenced by dCERT, prioritize vendor patches or mitigations as they become available, and assess exposure across internet-facing and critical internal systems where service interruption would have operational impact.
Apr 13, 2026
Multiple Vulnerabilities Disclosed in systemd
dCERT published two advisories covering **multiple vulnerabilities in `systemd`**, the widely deployed Linux init system and service manager. The notices identify separate batches of flaws affecting `systemd`, indicating an ongoing stream of security issues in a core component used across many Linux distributions and enterprise environments. Because `systemd` is deeply integrated into system startup, service control, logging, and host management, vulnerabilities in the software can have broad operational and security impact depending on the affected component and deployment. Organizations using Linux systems with `systemd` should review the dCERT advisories **2026-0707** and **2026-0815**, determine exposure across their fleets, and prioritize vendor patches or mitigations as they become available.
Apr 13, 2026
Microsoft Discloses Broad Set of Linux Kernel Vulnerabilities
Microsoft published a broad batch of Security Update Guide entries for Linux kernel flaws affecting memory management, networking, virtualization, device drivers, and subsystem input validation. The listed issues include use-after-free, NULL dereference, integer underflow, refcount underflow, information disclosure, and bounds-checking failures tracked as **`CVE-2026-31496`**, **`CVE-2026-31458`**, **`CVE-2026-31689`**, **`CVE-2026-31615`**, **`CVE-2026-31664`**, **`CVE-2026-31656`**, **`CVE-2026-31611`**, **`CVE-2026-31671`**, **`CVE-2026-31612`**, and others. Affected components span `nf_conntrack_expect`, `damon`, `edac_mc`, `renesas_usb3`, `xfrm`, `drm/i915`, `ksmbd`, `stmmac`, `tipc`, `mptcp`, `NFC`, `HID`, `KVM`, `mmc`, `x86/CPU`, `PCI endpoint`, `blk-cgroup`, `media/as102`, and `altera-tse`. Several entries point to bugs that could lead to kernel crashes, memory corruption, or data leakage if triggered through malformed input, protocol handling, or device interaction. Notable examples include a slab use-after-free in `mptcp`, information leaks in `xfrm_user` and `xfrm`, validation flaws in `ksmbd`, endpoint index handling in `usb: gadget: renesas_usb3`, and multiple underflow and teardown-ordering bugs across networking and driver code. The disclosures indicate a coordinated publication of upstream Linux kernel fixes through Microsoft's advisory channel, underscoring the need for organizations running Linux workloads in Microsoft-connected environments to review affected kernel versions and apply vendor patches promptly.
May 2, 2026