Hi Oliver, I submitted an updated description. I will inform you when I receive an update. Best regards, Alex On 1/7/19 5:59 PM, Oliver Hartkopp wrote: > Hi Alex, > > would you like to update the CVE Entry? > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3701 > > We have an updated patch [V3]: > https://marc.info/?l=linux-can&m=154661373231510&w=2 > > A valid Linux upstream commit: > https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=0aaa81377c5a01f686bcdb8c7a6929a7bf330c68 > > > And this wrong statement about unprivileged users should be fixed in > the CVE: "An unprivileged user can trigger a system crash (general > protection fault)." > See here: https://marc.info/?l=linux-can&m=154654393511598&w=2 > > Maybe the commit message of the final patch could be a good starting > point to rephrase the CVE description. > > Many thanks, > Oliver > > > On 1/4/19 3:28 AM, mutton eat wrote: >> Thanks a lot! >> >> alex <atoptsoglou@xxxxxxx <mailto:atoptsoglou@xxxxxxx>> 于2019年1月3日周 >> 四 下午11:59写道: >> >> Dear all, >> >> Just received it --> CVE-2019-3701 >> >> Best regards, >> >> Alex >> >> On 1/3/19 2:56 PM, alex wrote: >> > Dear all, >> > >> > Just submitted a CVE request. >> > >> > Best regards, >> > >> > Alex >> > >> > -- Alexandros Toptsoglou <atoptsoglou@xxxxxxx> Security Engineer OpenPGP fingerprint: C270 3848 AA4A 783A 9848 BB06 56A3 3D9C B652 1869 SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
Attachment:
signature.asc
Description: OpenPGP digital signature
