Please enter url.

The kernel becomes its own CNA

submited by
Style Pass
2024-02-13 19:30:07

As part of the normal stable release process, kernel changes that are potentially security issues are identified by the developers responsible for CVE number assignments and have CVE numbers automatically assigned to them. These assignments are published on the linux-cve mailing list as announcements on a frequent basis. Note, due to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team are overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team. (Log in to post comments)

Note, due to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team are overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team.

Read more lwn.net/Arti...
Share :  
Leave a Comment
Related Posts

Maximize your concurrent web server connections

Comment

Explainer: macOS scheduled background activities

Comment

A local root kernel vulnerability

Comment

Alyssa Rosenzweig on Twitter: "Bare metal Apple M1 Debian at 4K@60. Display driver development, day #7. A million thanks to @svenpeter42 for helping me tread water in the Linux kernel driver deep end and to @marcan42 for reverse-engineering the Apple display controller.… https://t.co/afo33YfyV8"

Comment

Drew DeVault's blog published a review of the Pinebook Pro on May 14, 2021.

Comment

Devs on Acid - 10 years Sabotage Linux - The history of the first musl-based distro

Comment

Newsletter 101 - July 2021 news

Comment

Warner's Random Hacking Blog

Comment

blog dds: 2021-06-18 — The Evolution of the Unix System Architecture

Comment

aporia-ai / mlplatform-workshop

Comment
Recent Posts

Black Holes Can’t Be Created by Light

Comment

Government to pay ex-FBI agent $1.2 million in settlement over release of anti-Trump texts

Comment

Transmeta - Wikipedia

Comment

Alex Ghiculescu's Newsletter

Comment

The Physics of Cold Water May Have Jump-Started Complex Life

Comment

The rise of the analytics pretendgineer - by Benn Stancil

Comment

Make Good Stubs with Stateful Property Testing

Comment

Haskell Nuggets: k-means · in Code

Comment

Airask - Chrome Web Store

Comment

Testing Apps with TestFlight

Comment

Sustainable Real Estate

Comment

How to increase the rate of plastics recycling

Comment

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Comment

Researchers capture never-before-seen view of gene transcription

Comment

Cup o' Go

Comment

All Good Things Must Come to an End...

Comment

Near-Grounding Incident in Great Barrier Reef Attributed to GPS Malfunction

Comment

Television Camera at the Berlin Olympics (1936)

Comment

The Million Veteran Program is closing hard-to-fill gaps in DNA research

Comment

ISPs seeking government handouts try to avoid offering low-cost broadband

Comment