Guidelines to Vulnerability reporting
Arm Neoverse reference design software solutions are example software projects containing downstream versions of open source components. Although the components in these solutions track their upstream versions, users of these solutions are responsible for ensuring that, if necessary, these components are updated before use to ensure they contain any new functional or security fixes that may be required.
If you think you have found a security vulnerability in a specific open source project which is part of the software stack, it is recommended to follow the vulnerability reporting guidelines specified by the respective project.
If you think you have found a security vulnerability as part of the Neoverse Reference Design platform software stack and does not fall into any specific open source project, then please report by email at arm-security@arm.com specifying the project name as “Neoverse Reference Design Platform Software”. More details can be found at Arm Developer website.
Copyright (c) 2021-2024, Arm Limited. All rights reserved.