These pages track how the Linux distributions I have deployed are responding to specific
vulnerabilities — which releases are patched, which are still exposed, and when the
fixes shipped. Each tracker is updated twice daily with information from distribution
advisories and other sources. Updates continue until all the tracked distributions have
released fixes.
Linux Kernel
- CVE-2026-43494 / CVE-2026-43502 — PinTheft
- Linux kernel RDS zerocopy double-free leading to io_uring page-cache overwrite.
- CVE-2026-46243 — CIFSwitch
- Linux kernel CIFS client cifs.spnego key-description forgery steers the rootful
  cifs.upcall helper into loading an attacker-controlled NSS module, for local privilege
  escalation.
Applications
- CVE-2026-9256 — nginx rewrite-module heap overflow
- nginx rewrite module heap buffer overflow via overlapping PCRE regex captures, crashing
  the worker process and potentially allowing remote code execution where ASLR is bypassed.
Archived
- CVE-2026-31431 — Copy Fail
- Linux kernel algif_aead local privilege escalation.
- CVE-2026-43284 — Dirty Frag
- Linux kernel xfrm-ESP and RxRPC page-cache write local privilege escalation.