On Monday 2026-01-12 04:09, Jacob Bachmeyer wrote: > > In short, this is a crash bug, but not a security issue. This is different > from (for example) a parser bug that results in NULL being dereferenced if > crafted input is processed. > > Are we now using CVE IDs as some kind of global bug tracker?
Isn't that how the Linux kernel works these days, as per <https://docs.kernel.org/process/cve.html>: "almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed"
