CVE ID speculation

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

CVE ID speculation

Art Manion
We've talked about CVE assignment and potential information leakage/speculation.  Just noting an active example of it happening.  I'm not sure there's much we can or should do about it, or that it's worth the investment over other efforts CVE could be working on, but it's part of the ID assignment service discussion at least.

https://newsroom.intel.com/articles/addressing-questions-regarding-additional-security-issues/

https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html

  - Art