Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 22 Oct 2017 13:21:19 +0200
From: Marius Bakke <mbakke@...tmail.com>
To: Noam Rathaus <noamr@...ondsecurity.com>, oss-security@...ts.openwall.com
Subject: Re: Netlink XFRM socket subsystem NULL pointer dereference

Noam Rathaus <noamr@...ondsecurity.com> writes:

> Hi,
>
> I was forwarded by:
> Dan Carpenter <dan.carpenter@...cle.com>
>
> To you regarding obtaining a CVE for the mentioned (in the title)
> vulnerability
>
> I know a patch is being created and placed into mainstream code of the
> Kernel
>
> I would like also to get a CVE for it, so that we can put that in the
> advisory we will release

Unfortunately CVE IDs are not assigned through this list anymore.
Please use <https://cveform.mitre.org/> to request a CVE.

> Do we need to give you the full technical writeup of the vulnerability?

It's by no means required, but it would be appreciated if you could get
back to this list with the advisory and CVE identifier when ready.

Download attachment "signature.asc" of type "application/pgp-signature" (488 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.