Linux kernel CVE analyzer: upload a .config, get a CycloneDX VEX report of affecting CVEs.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Linux kernel CVE analyzer: upload a .config, get a CycloneDX VEX report of affecting CVEs.