Well, perhaps because they asked me to cancel the CVE request I put in (which I still haven't gotten a response from) so that they would submit their own:
Brad Spengler wrote:
>> Let me get back to you on this.
> I've contacted the relevant people to request a CVE for the issue, as
> the previous bypass of mmap_min_addr was given a CVE back in 2007; this
> should be no different.
Can you cancel the request? I will assign one (faster), and provide you
with the proper credits in the errata.