cve/vulnerability.txt - pub/scm/linux/security/vulns - Git at Google

 Official CVE definition of vulnerability:
 	An instance of one or more weaknesses in a Product that can be
 	exploited, causing a negative impact to confidentiality, integrity, or
 	availability; a set of conditions or behaviors that allows the
 	violation of an explicit or implicit security policy.

 Relating to Linux, this means that anything that fixes a weakness or an
 unexpected result should be assigned a CVE.
	Official CVE definition of vulnerability:
	An instance of one or more weaknesses in a Product that can be
	exploited, causing a negative impact to confidentiality, integrity, or
	availability; a set of conditions or behaviors that allows the
	violation of an explicit or implicit security policy.

	Relating to Linux, this means that anything that fixes a weakness or an
	unexpected result should be assigned a CVE.