Bug classification
Bug classification
Bug impact levels
- Critical
- Functional error that makes an entire subsystem unusable.
- or a vulnerability that allows a remote attacker to cause DoS or execute code/commands without authentication.
- There is no workaround or it still amounts to making a subsystem unusable (e.g., the only way to avoid arbitrary code execution is to disable the vulnerable subsystem).
- If a bug makes VyOS completely unusable on any supported platform (e.g., it fails to boot on it), it's automatically considered critical.
- Major
- Functional error that makes specific configurations completely unusable.
- or a vulnerability that doesn't allow attackers to gain control of the system but can be exploited remotely to cause functionality degradation (complete process crash or overload).
- A workaround may exist but isn't easy to execute (e.g., changing a sysctl option outside of the CLI fixes the problem)
- Minor
- Functional error that causes functionality degradation.
- or a vulnerability that can only be exploited from the local system (since all users are admin users in VyOS now, they can kill -9 any process or edit any file anyway).
- There is an easy workaround within the VyOS CLI (e.g., changing a config option from its default fixes the problem).
- Trivial
- Has no impact on functionality (e.g., formatting issue in command output).
A workaround is a sequence of commands that users can execute on existing systems to make the bug go away (an updated package or a patch to apply in-place is a hotfix, that's a different story).
Mitigation procedures for bugs in LTS releases
- Critical — immediate notification (if it's a vulnerability, a private email notification is sent to customers first), maintenance release ASAP.
- Major — maintenance release ASAP, but no immediate notification necessary.
- Minor — routine inclusion in the next maintenance release.
- Trivial — may be left unfixed if higher priority issues exist.
Tags
None
Referenced Files
None
Subscribers
None
- Last Author
- dmbaturin
- Last Edited
- Feb 15 2024, 3:37 PM