The Linux Kernel project’s new CVE Numbering Authority places a large burden on product manufacturers due to the assignment of CVEs for non-security issues. Our latest article discusses the complexities introduced by the new CVE assignment process, the challenges of frequent updates for electronic devices, and challenges that lay ahead for the engineering teams.

Read the article at https://www.amanitasecurity.com/posts/dear-linux-kernel-cna-what-have-you-done/