The term refers to the attack method on a cipher and belongs to the class of so-called known-plaintext attacks. One tries to discover and exploit simple (“linear”) dependencies between the bits of the plaintext and the ciphertext in order to obtain information about the key.