Greg K-H

Looks like the AI companies have finally run out of money as they are asking various open source projects to test their closed source products for them for free. What could go wrong with giving access to an unknown tool to private code repos? If I didn't know better, I would think this is an elaborate phishing scam, or they have run out of data to scrape and need more training material. Gotta admire their brazenness...

@daniel:// stenberg:// It was an amazing honor to receive this, thank everyone so much, and for your great speech at the event. View quoted note →

Another post in my Linux kernel CVE process series, "How the Linux kernel security process works":

Linux Kernel Monkey Log

Linux kernel security work

Lots of the CVE world seems to focus on “security bugs” but I’ve found that it is not all that well known exactly how the Linux k...

The kernel CNA assigned their 10000th CVE last week, CVE-2025-68750 So far the "stats" look like: ``` Year Reserved Assigned Rejected A+R Returned Total 2019: 0 2 1 3 47 50 2020: 0 17 0 17 33 50 2021: 0 732 24 756 16 772 2022: 3 2041 47 2088 0 2091 2023: 1 1464 47 1511 0 1512 2024: 6 3069 96 3165 0 3171 2025: 73 2421 39 2460 0 2533 Total: 83 9746 254 10000 96 10179 ``` Note, the "year" is the year the bug was fixed in the kernel tree, NOT the year the CVE was applied for/assigned.