LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

A story of three kernel vulnerabilities

A story of three kernel vulnerabilities

Posted Feb 22, 2013 10:36 UTC (Fri) by ortalo (subscriber, #4654)
Parent article: A story of three kernel vulnerabilities

Am I mistaken or don't we have every other year a report showing that linux kernel security bugs are fixed very slowly? It started approximately since linux itself gained significant reputation in that area against proprietary operating systems (so nearly forever).
I think it's FUD. Admittedly that's an uninformed comment because I am so convinced of that, that I do not even take the time to read the reports in question anymore...
But I'd like to outline something factual: I see 2 CVE ids here from 2009.
In 2009 only, there were over 5500 CVE ids. The evolution of the number of CVE entries since 2000 is, in my opinion, a much more interesting topic [1].
Now my question for Trustwave: who funded that research?

Just my 2/5500 cents...

[1] BTW, I have a graph of that data at http://rodolphe.ortalo.free.fr/COURS_SE_2012_r3.pdf, page 15, but everyone can grab it from cve.mitre.org

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds