oss-sec mailing list archives

CVEs issued by the Linux kernel CNA

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 20 Feb 2024 15:30:28 -0800

As recently announced [1], kernel.org is now a CNA for the Linux kernel, and
today issued its first 8 CVEs, as seen in the archives of their mailing list
at https://lore.kernel.org/linux-cve-announce/ .

Their documentation [2] warns that we should expect a "seemingly large number
of CVEs that are issued by the Linux kernel team".

Since there's already an archived mailing list covering the CVE assignments,
I don't think it makes sense to mirror that large amount of traffic here, but
to only bring to oss-security those that are especially interesting or useful
to discuss further.  What do others think?

[1] http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna/
[2] https://docs.kernel.org/process/cve.html

--
        -Alan Coopersmith-                 alan.coopersmith () oracle com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris

Current thread:

CVEs issued by the Linux kernel CNA Alan Coopersmith (Feb 20)
- Re: CVEs issued by the Linux kernel CNA Marcus Meissner (Feb 21)
- Re: CVEs issued by the Linux kernel CNA Solar Designer (Feb 22)
  - Re: CVEs issued by the Linux kernel CNA Greg KH (Feb 22)
    - Re: CVEs issued by the Linux kernel CNA eduardo vela (Feb 24)
- Re: CVEs issued by the Linux kernel CNA Vegard Nossum (Mar 13)