Rich Freeman on 24 Aug 2018 18:25:08 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Major Linux kernel update for all current canonical versions.


On Fri, Aug 24, 2018 at 9:16 PM Will <staticphantom@gmail.com> wrote:
>
> For funsies. Look at the comment Linus made about lvm in in the latest kernel release. Someone recommended an older kernel for reliability. Comedy ensues.
>

Nothing wrong with using older kernels...as long as it is an
up-to-date LTS kernel.  Looks like 4.4.152 is current.  3.16.57 is
listed as a longterm, but it hasn't been updated since June, and I
know the latest Intel patch would be more recent than that, and I'm
sure it affects all past kernels (it is a CPU flaw).

One issue with linux is that upstream doesn't officially track
security bugs against kernel releases, so it is actually pretty
painful to determine what is/isn't fixed.  For the recent CPU
vulnerabilities you can check /sys/devices/system/cpu/vulnerabilities/
and find out what vulnerabilities your kernel knows about and whether
you're fully protected (some require microcode updates depending on
your CPU in addition to a recent kernel, and some also require
compiling with a fairly recent version of gcc).  If l1tf is listed in
that directory, and all the files say either not affected or
mitigation then you're good, at least for the moment for this year's
CPU headliners...

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug