On Sat, Jul 08, 2023 at 10:47:21AM +0800, 周逸林 wrote: > Dear developer, I am a security researcher at Wuhan University. Recently I discovered a vulnerability in the driver of the USBcore module in the Linux kernel. This vulnerability will lead to an infinite loop in the probe process of the USB device, which will consume a lot of system resources. The vulnerability was found in kernel version 5.6.19 and tested to exist in the new 6.3.7 kernel version as well. I hope that after your review, you will be able to apply for a CVE number to disclose this vulnerability. If you need more detailed vulnerability information, please contact me. Thank you for your help. Hi, This is not the proper place to report security problems to at all. Please read the in-kernel documentation for how to do that (hint, email all the needed information to security@xxxxxxxxxx) AND the portion about how the kernel community does not do anything with CVEs in any form and can not assign them as MITRE wants nothing to do with the Linux kernel community. thanks, greg k-h
