Re: Linux kernel: HFS+ filesystem implementation, issues, exposure in distros

[nightmare.yeah27 () aceecat org]

On Sun, Oct 05, 2025 at 08:23:21AM +0200, Greg KH wrote:

> That is the work we do to "triage" on a weekly basis.

> Again, not all bugfixes that go into the Linux kernel meet the
> cve.org definition of "vulnerability", and so, we do not mark all
> Linux bugfixes with a CVE.  If we were to do that, the rate of CVEs
> would be much higher than the current average of 13 per day (which
> if you look at applicability of those CVEs to your system, is on
> average, or a bit below, the other two major operating systems out
> there, so Linux is not an outlier at all.)

> Hope this helps explain things a bit better.  I think this means I
> need to write up even more documentation as to exactly how we do all
> of this work as this information isn't more widely known.

Yes, thank you. This in fact improved my understanding of the
situation a lot. I hope it also did so for others.

-- 
Ian