[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: Crash Analysis: Finalizer Logic in singlestep function can lead to Sandbox Escape Exploit
- From: "Pierre Chapuis" <catwell@...>
- Date: Thu, 09 Dec 2021 12:51:40 +0100
On Thu, Dec 9, 2021, at 11:47, Roberto Ierusalimschy wrote:
>> By the way, If you plan the patch to be applied in version 5.4.5 or later,
>> may I report this crash into MITRE?
> Yes, we plan to fix it in version 5.4. I am not sure I know what is
> MITRE, but the report is already public.
MITRE is the organization that maintains the CVE list. Reporting
something to them means assigning a CVE number to the bug.