Date: Wed, 3 Oct 2018 13:21:40 -0700 From: Seth Arnold <seth.arnold@...onical.com> To: oss-security@...ts.openwall.com Subject: Re: arm64 Linux kernel: Privilege escalation by taking control of the KVM hypervisor On Wed, Oct 03, 2018 at 08:57:05AM +0200, Florian Weimer wrote: > > On Tue, Oct 02, 2018 at 05:07:14PM +0100, Will Deacon wrote: > >> There has not yet been a CVE requested for this (mainly because I don't know > >> how to do it). > > > > Please use https://cveform.mitre.org/ thanks. > > Would DFW work as well? > > <https://github.com/distributedweaknessfiling/cvelist> > > I'm asking because the Rust people tried to get an ID from there, but > apparently never got a reply. In my experience the MITRE form is significantly more reliable and faster mechanism than the DWF form. I realize this is perhaps a chicken-and-egg problem, where DWF might not be fast until they get enough traffic that they have to be fast, but MITRE is fast *today*, so any individual CVE requestor is probably better suited to use MITRE. Thanks Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.