oss-sec mailing list archives
Re: Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host hang
From: cve-assign () mitre org
Date: Mon, 2 Dec 2013 18:35:24 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This was sent by MITRE as part of the CVE assignment. It seems likely to us (the Xen Project security team) that the CVE assignment was a consequence of our embargoed predisclosure to xen-security-issues.
MITRE typically does not know about multi-party embargo arrangements affecting Linux vendors and various other vendors, and did not know about any multi-party embargo arrangement in this case. If anyone who is regularly involved in vulnerability remediation affecting the open-source community asks MITRE to send an announcement of a CVE assignment to oss-security, we send that announcement without any investigation of disclosure restrictions. Although it is unfortunate if such an announcement had an adverse effect on a planned disclosure timeline, we feel that this is an isolated case and does not mean that we need to reevaluate our approach. Also, once an issue is mentioned on oss-security by anyone, we consider the issue fully public and we sometimes proceed to publish a CVE immediately. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJSnRcQAAoJEKllVAevmvmshl8H/0d/jkBYZP11YbWOzTXQrKGj exCXvUaC6BOukr1+u1eh7GR1W98NY5S7DT3oHDu0DzAfJ2iR4AAM0513V9mCUo/f LBBGsw+pyzPKeI5UQdXJ8GQ0Ut/WlbMB4qj0+ZuwKjCKFCdir2Xx7H0H3Ptb3qik 38JgvO+bpMxDWnrF+Nh6SkuocB9jXuDCbCGO5Q4jaj1CcExmaRV9H8A0O4VbvtTj VQa+eY48H7WpBqKUrKylo/zZT5pBs/3tH0FSymiGLP9aFCDAl5xazf9LWq3iow/D AND3rDNlEzmDJ8zSHzx0wrvHTW8xMpj3KAk3z4D8G8XTmw7reltAVo1eGPmL6S0= =ouMl -----END PGP SIGNATURE-----
Current thread:
- Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host hang Xen . org security team (Dec 02)
- Re: Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host hang Ian Jackson (Dec 02)
- Re: Xen Security Advisory 82 (CVE-2013-6885) - Guest triggerable AMD CPU erratum may cause host hang cve-assign (Dec 02)