Starting to write up a series of articles about the Linux kernel CVE work that has happened in the past 2 years, starting with some "back to basics" information about how Linux kernels are numbered as many people/companies really don't know how we do this, and it matters a lot in tracking bugfixes and how to determine "vulnerable" and "fixed" kernel releases:
and
Linux Kernel Monkey Log
Linux CVEs, more than you ever wanted to know
It’s been almost 2 full years since Linux became a CNA (Certificate Numbering
Authority) which
meant that we (i.e. the kernel.org community) ...
Linux Kernel Monkey Log
Linux kernel version numbers
Despite having a stable release model and cadence since December 2003, Linux
kernel version numbers seem to baffle and confuse those that run acros...
