oss-sec mailing list archives
Re: CVE request - kernel: ima: fix null pointer dereference
From: Eugene Teo <eugene () redhat com>
Date: Wed, 10 Feb 2010 00:16:58 +0800
On 02/10/2010 12:13 AM, Mark J Cox wrote:
Do we need CVE numbers for issues that never showed up in a released kernel version? I don't see how this could affect anyone, unless they were foolish enough to ship a product on a non-released kernel :)You got a point there, but I requested this in order to keep track of security issues that we might need to backport in our future kernels.It shouldn't get a CVE name. If someone at some point in the future ships a vulnerable version (by selective backporting, or similar) then it would get a name. Cheers, Mark
Thanks for clarifying. Eugene -- Eugene Teo / Red Hat Security Response Team
Current thread:
- CVE request - kernel: ima: fix null pointer dereference Eugene Teo (Feb 07)
- Re: CVE request - kernel: ima: fix null pointer dereference Greg KH (Feb 09)
- Re: CVE request - kernel: ima: fix null pointer dereference Eugene Teo (Feb 09)
- Re: CVE request - kernel: ima: fix null pointer dereference Mark J Cox (Feb 09)
- Re: CVE request - kernel: ima: fix null pointer dereference Eugene Teo (Feb 09)
- Re: CVE request - kernel: ima: fix null pointer dereference Greg KH (Feb 09)
- Re: CVE request - kernel: ima: fix null pointer dereference Eugene Teo (Feb 09)
- Re: CVE request - kernel: ima: fix null pointer dereference Greg KH (Feb 09)