More fun with CVE numbers:
=== CVEs Published Per Year ===
2024: 4451 CVEs
2025: 1502 CVEs
=== CVEs Published in Last 6 Months ===
November 2024: 280 CVEs
December 2024: 358 CVEs
January 2025: 234 CVEs
February 2025: 929 CVEs
March 2025: 214 CVEs
April 2025: 125 CVEs
=== Overall Averages ===
Average CVEs per month: 401.95
Average CVEs per week: 92.40
Average CVEs per day: 13.19
Statistics calculated from 2024-01-21 to 2025-04-16
And for those curious, here’s the current stats for kernel CVEs reserved/assigned/rejected since we started just over a year ago:
Year Reserved Assigned Rejected A+R Total
2019: 47 2 1 3 50
2020: 36 14 0 14 50
2021: 20 728 23 751 771
2022: 20 1098 16 1114 1134
2023: 20 493 28 521 541
2024: 20 3067 84 3151 3171
2025: 1837 384 12 396 2233
Total: 2000 5786 164 5950 7950
How #Linux Kernel Deals With Tracking CVE #Security Issues: https://thenewstack.io/how-linux-kernel-deals-with-tracking-cve-security-issues/ via @TheNewStack & @sjvn
And why, all too soon, most #opensource projects must also manage their own Common Vulnerabilities and Exposures.
Excellent #keynote by @gregkh at #KubeCon #CloudNativeCon on why we need #Rust in the #Linux kernel, including:
➡️ Standardize, "automate" error handling
➡️ Enforce lock acquisition, automate release
➡️ Type safety
As an important side-effect, switching from C to Rust requires you to ensure APIs fit the cleaner error handling/locking/type paradigms.
To ensure Linux stays secure and maintainers sane.
He also recommended the following 90-minute presentation: https://newsletter.pragmaticengineer.com/p/how-linux-is-built-with-greg-kroah
Many in open source are still unaware of how the Cyber Resilience Act will impact projects and businesses. This blog breaks it down.
The initial set of speakers and talks for ER is now published. A few highlights:
- @gregkh on the EU Cyber Resiliency Act (CRA)
- barriers to security on embedded systems
- Steam OS impact on Linux ecosystem
- Functional Safety on Linux
- writing real-time applications
- fully open source CNC and 3D printing
and many more: https://embedded-recipes.org/2025/speakers/
Registration is now open for ER 2025! We hope you can join us this year in Nice, France.
https://embedded-recipes.org/2025/attend/