← Back to Skills Marketplace
45
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install kernel-cve-tracker
Description
跟踪 Ubuntu Linux 内核 CVE 漏洞的工具技能。当用户需要以下操作时使用此技能:(1) 查询特定内核版本(如 5.10/5.15)的 CVE 列表和修复状态;(2) 分析 Ubuntu Security Notice (USN) 中的内核漏洞详情;(3) 获取漏洞发现方式(发现者/发现方法);(4)...
README (SKILL.md)
Kernel CVE Tracker
从 Ubuntu Security 官方来源抓取、汇总和跟踪 Linux 内核 CVE 漏洞。
数据来源
- CVE 搜索:https://ubuntu.com/security/cves?package=linux-hwe-5.10
- USN 列表:https://ubuntu.com/security/notices
- CVE 详情:https://ubuntu.com/security/CVE-YYYY-NNNNN
- OVAL 机器可读:https://ubuntu.com/security/oval
内核版本对应关系(Ubuntu HWE)
| 包名 | 对应上游版本 | 维护者 |
|---|---|---|
linux-hwe-5.10 |
5.10 LTS (HWE) | Ubuntu Kernel Team |
linux-hwe-5.15 |
5.15 LTS (HWE) | Ubuntu Kernel Team |
linux-hwe-6.8 |
6.8 LTS (HWE) | Ubuntu Kernel Team |
linux-oem-5.10 |
OEM 定制 | OEM Vendor |
linux-aws-5.10 |
AWS 定制 | Ubuntu Kernel Team |
linux-azure-5.10 |
Azure 定制 | Ubuntu Kernel Team |
linux-gcp-5.10 |
GCP 定制 | Ubuntu Kernel Team |
漏洞状态标记说明
| 状态 | 含义 |
|---|---|
Fixed |
已修复(含修复版本号) |
Vulnerable, work in progress |
修复中 |
Ignored / Ignored end of standard support |
已忽略(生命末期) |
Not in release |
该版本未发布此包 |
Not affected |
不受影响 |
抓取流程
Step 1: 搜索 CVE 列表
web_fetch("https://ubuntu.com/security/cves?package=linux-hwe-5.15")
解析状态矩阵,提取所有 Fixed 和 Vulnerable 条目。
Step 2: 获取 USN 详情
web_fetch("https://ubuntu.com/security/notices/USN-XXXX-N")
Details 区包含:
- 受影响子系统列表(Subsystems)
- CVE 引用列表(References)
- 修复包版本号
Step 3: 单个 CVE 详情
web_fetch("https://ubuntu.com/security/CVE-YYYY-NNNNN")
包含:各包各发行版状态矩阵、漏洞描述、发现者信息。
Step 4: 汇总漏洞发现方式
参考 references/cve-list.md,按以下分类汇总:
| 发现方式 | 特征 |
|---|---|
| 安全研究员主动挖掘 | USN/CVE 页面会标注发现者姓名 |
| 内部代码审计/fuzzer | 漏洞描述提及"incorrectly handled"或"did not properly validate" |
| 社区/红队被动报告 | 描述简单,仅注明"discovered that...",未署名 |
| 自动化工具/CVA | 无具体发现者信息,系统性测试发现 |
漏洞发现方式分类
1. 安全研究员主动发现(署名)
| CVE | 发现者 | 漏洞类型 |
|---|---|---|
| CVE-2023-2640 | Stonejiajia、Shir Tamari、Sagi Tzadik | OverlayFS 权限检查不当 |
| CVE-2023-32629 | Shir Tamari、Sagi Tzadik | OverlayFS 权限检查不当 |
| CVE-2026-31431 | Ubuntu 安全团队(内部审计) | algif_aead Copy Fail |
2. 社区被动报告(未署名)
| CVE | 子系统 | 描述 |
|---|---|---|
| CVE-2026-23351 | io_uring | Several security issues discovered |
| CVE-2026-23274 | Netfilter | Several security issues discovered |
| CVE-2024-50060 | SMB | Several security issues discovered |
| CVE-2024-35862 | 未知 | Several security issues discovered |
3. 外部安全研究者(署名)
| CVE | 发现者 | 漏洞类型 |
|---|---|---|
| ngtcp2 栈溢出 | Zou Dikai | 固定 1024 字节栈缓冲区无边界检查 |
快速命令
# 查看当前内核版本
uname -r
# 查看已安装内核包
dpkg -l | grep linux-image
# 查看 USN 详情
# https://ubuntu.com/security/notices/USN-NNNN-N
# 下载 OVAL 数据(机器可读)
wget https://ubuntu.com/security/oval/com.ubuntu.focal.cve.stanza.xz
数据更新频率
- USN 通知:每工作日更新
- 建议每周抓取一次全量 CVE 列表做对比
完整漏洞数据
详细 CVE 列表、USN 引用和版本对应关系,见 references/cve-list.md。
Usage Guidance
Install only if you want an agent to help research Ubuntu kernel CVEs using public Ubuntu Security data. Because vulnerability data changes frequently, have the agent verify current CVE and USN status from official Ubuntu sources before acting on the included reference list.
Capability Assessment
Purpose & Capability
The stated purpose is to track Ubuntu Linux kernel CVEs, USNs, fix status, and discovery context; the artifact content matches that purpose and points to Ubuntu Security sources plus a local reference list.
Instruction Scope
Runtime instructions are limited to fetching public Ubuntu security pages, parsing CVE/USN data, and optionally checking local kernel package/version information; no prompt override, credential handling, or unrelated agent behavior was found.
Install Mechanism
The package contains only two markdown files, with no executable scripts, dependencies, install hooks, or package registry requirements.
Credentials
Suggested commands such as uname, dpkg query, web_fetch, and wget for Ubuntu OVAL data are proportionate to kernel CVE tracking and do not request broad local indexing or sensitive data access.
Persistence & Privilege
No persistence, background workers, privilege escalation, deletion, mutation of system files, credential/session access, or automatic execution is present.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install kernel-cve-tracker - After installation, invoke the skill by name or use
/kernel-cve-tracker - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Kernel CVE Tracker?
跟踪 Ubuntu Linux 内核 CVE 漏洞的工具技能。当用户需要以下操作时使用此技能:(1) 查询特定内核版本(如 5.10/5.15)的 CVE 列表和修复状态;(2) 分析 Ubuntu Security Notice (USN) 中的内核漏洞详情;(3) 获取漏洞发现方式(发现者/发现方法);(4)... It is an AI Agent Skill for Claude Code / OpenClaw, with 45 downloads so far.
How do I install Kernel CVE Tracker?
Run "/install kernel-cve-tracker" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Kernel CVE Tracker free?
Yes, Kernel CVE Tracker is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Kernel CVE Tracker support?
Kernel CVE Tracker is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Kernel CVE Tracker?
It is built and maintained by adnywang (@wjd6910502); the current version is v1.0.0.
More Skills