oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request: kernel: btrfs heap

Re: [oss-security] CVE request: kernel: btrfs heap overflow

From: Moritz Muehlenhoff <jmm_at_nospam>
Date: Wed Feb 09 2011 - 17:25:06 GMT
To: oss-security@lists.openwall.com

On Wed, Feb 09, 2011 at 10:49:35AM -0500, Dan Rosenberg wrote:
> I'm not aware of any distributions that support 2.6.37 kernels, but as
> far as I know this doesn't affect CVE eligibility (please correct me
> if I'm wrong).

The usual criteria for Linux kernel CVE assignments was/is if the
issue affects a released kernel, not if it's supported by someone,
i.e. if it had been introduced in 2.6.38-rc1 it would not receive
a CVE ID.

Cheers,
        Moritz