Project: Multi-Vendor GPU Aggregation Layer for Linux (MVGAL) Last Updated: April 21, 2026 Contact: creategm10@proton.me

Security updates and patches are provided for the following versions:

Please do NOT report security vulnerabilities through public GitHub issues.

To report a security vulnerability in MVGAL:

1. Email: Report to creategm10@proton.me with the subject line [SECURITY] MVGAL Vulnerability

2. Include:

   • Version of MVGAL affected
   • Detailed description of the vulnerability
   • Steps to reproduce
   • Impact assessment
   • Any relevant logs or proof-of-concept code

3. Response Timeline:

   • Initial response within 48 hours
   • Vulnerability assessment within 72 hours
   • Patch or mitigation timeline provided based on severity
   • Public disclosure after fix is available (coordinated with reporter)

• Always run the latest version of MVGAL
• Install from official sources only
• Review the source code if building from source
• Monitor system logs when running MVGAL in production
• Use kernel module only from trusted sources

• All contributions must follow secure coding practices
• Vulkan/OpenCL/CUDA interception must not leak sensitive data
• Memory management must prevent use-after-free and double-free
• Thread safety must be maintained in all public APIs
• All external inputs must be validated

MVGAL implements the following security measures:

• MVGAL GitHub
• Security Advisories
• Code of Conduct

© 2026 MVGAL Project. Version 0.2.2 "Health Monitor". All Rights Reserved.