Date: Tue, 3 Jul 2018 17:13:14 +0200 From: Alexander Potapenko <glider@...gle.com> To: Vladis Dronov <vdronov@...hat.com> Cc: oss-security@...ts.openwall.com Subject: Re: CVE-2018-1000204: Linux kernel 3.18 to 4.16 infoleak due to incorrect handling of SG_IO ioctl On Tue, Jun 26, 2018 at 6:54 PM Vladis Dronov <vdronov@...hat.com> wrote: > > Hello, Alexander, > > > > I may not got smth correctly, but for now I do not see CVE-2018-1000204 > > > as a security flaw and I believe a reject request to MITRE should be > > > issued. > > How do I proceed with this? > > I believe it is: https://cveform.mitre.org/ -> Request an update to an existing > CVE Entry -> Rejection I've issued a reject request, but the CVE entry is currently marked as "Disputed" (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000204) Not sure if that's the desired result. > Best regards, > Vladis Dronov | Red Hat, Inc. | Product Security Engineer > -- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Paul Manicle, Halimah DeLaine Prado Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ