Don't miss out! Join us at our upcoming conference: Open Source Summit + AI_Dev: Open Source GenAI & ML Summit in Tokyo from October 28-29, 2024. Connect with peers as the community gathers to further the education and advancement of open source and GenAI. Learn more at https://events.linuxfoundation.org/op...

Linux Kernel CVEs, What Has Caused So Many to Suddenly Show Up? | Linux内核CVE漏洞，为什么突然出现这么多？ - Greg Kroah-Hartman, Kernel Maintainer & Linux Fellow

In Febuary the Linux kernel community took charge of issuing CVEs for any found vulnerability in their codebase. By doing this, they took away the ability for any random company to assign CVEs in order to make their engineering processes run smoother, and instead have set up a structure for everyone to participate equally.

This talk will go into how the Linux CVE team works, how CVEs are assigned, and how you can properly handle the huge number of new CVEs happening in a simple and secure way.

今年二月，Linux内核社区开始负责为其代码库中发现的任何漏洞发布CVE编号。通过这样做，他们剥夺了任何随机公司分配 CVE 的能力，以便使他们的工程流程更顺畅，取而代之的是建立了一个人人平等参与的结构。

本次演讲将介绍 Linux CVE 团队的工作方式，CVE 的分配过程，以及如何以简单且安全的方式妥善处理大量新出现的 CVE。