Re: [RFC] syzkaller/docs: reporting kernel security bugs guide
From: Greg KH
Date: Mon Nov 11 2024 - 09:42:40 EST
On Mon, Nov 11, 2024 at 03:37:27PM +0100, Greg KH wrote:
> On Mon, Nov 11, 2024 at 06:24:36PM +0500, Sabyrzhan Tasbolatov wrote:
> > Hello,
> >
> > Greg,
> > Could you please confirm that the updated version of
> > reporting Linux kernel security bugs guide is correct
> > since kernel.org is CNA as of February 13, 2024 and
> > with linux-cve-announce reference?
> >
> > The updated doc and drawn diagram is available
> > in this PR of syzkaller project:
> > https://github.com/google/syzkaller/pull/5461
>
> I can't read this mess:
> https://github.com/google/syzkaller/pull/5461/commits/35b45ef3c4600fd62f5d05a17fc6855fc0b5e402
>
> So I have no idea, sorry.
Ah, the graph is at the bottom of the page, kind of messy...
Anyway, as I have stated numerous times, I DO NOT RECOMMEND EVER
CONTACTING the linux-distros mailing list for lots of various reasons.
You do so at your own risk and liability (i.e. doing so imparts a number
of requirements on you!) So be VERY VERY VERY careful to ever tell
anyone to do so as the side affects can be very bad in some cases (i.e.
they "blackmail" you to release information even if you don't have a
fix.)
good luck!
greg k-h