Documentation: Document the Linux Kernel CVE process

The Linux kernel project now has the ability to assign CVEs to fixed
issues, so document the process and how individual developers can get a
CVE if one is not automatically assigned for their fixes.

Reviewed-by: Kees Cook <>
Reviewed-by: Konstantin Ryabitsev <>
Reviewed-by: Krzysztof Kozlowski <>
Reviewed-by: Lukas Bulwahn <>
Signed-off-by: Sasha Levin <>
Signed-off-by: Lee Jones <>
Signed-off-by: Greg Kroah-Hartman <>
4 files changed