[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: upcoming intel issue

On 1/3/18 3:00 PM, Kurt Seifried wrote:
So the thing that's in the news, assuming it has CVEs, can we make sure 
they are populated to the CVE database asap, and if Intel does not do 
we have a plan B (e.g. MITRE writes them up?).

Also in general I think we should probably figure out some guidelines 
for these high visibility issues, e.g. encourage the original CNA to 
get them into the database asap, and have a plan B in case they don't 
(e.g. MITRE or someone else with info writes them up? first come first 
served? trusted parties only? or?).

Indirectly related, I'd concede that this is a hardware vulnerability, 
even if patches are coming from operating system vendors.

 - Art

Page Last Updated or Reviewed: January 09, 2018