Greg Kroah-Hartman has announced that the kernel project has been accepted as a CVE numbering authority (CNA). The way that CVE numbers will be handled by the kernel is described in this documentation patch: As part of the normal stable release process, kernel changes that are potentially security issues are identified by the developers responsible for CVE number assignments and have CVE numbers automatically assigned to them. These assignments are published on the linux-cve mailing list as an...