kernel & security

Micka · June 5, 2018, 2:12pm

Hi, I would like to know if there is somewhere a website that tell if a version of a kernel is vulnerable from an attack ?

Michael,

dlech · June 5, 2018, 2:54pm

How about: https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33

RobertCNelson · June 5, 2018, 5:15pm

Spectre/Meltdown: kernel "fixes" and other mitigation's have NOT
landed for 32bit ARM...

Besides, the Kernel isn't the easiest to bypass..

Did you give root a password?
Did you change root's default password?

Side note:

the old 3.8.13 based kernel is vulnerable to lots of stuff..

Regards,

RobertCNelson · June 6, 2018, 10:03pm

Just landed in git:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=311da4975894aab7a4bb94aa83f38f052d7ffda4&utm=anz

Regards,

sjlongland · June 6, 2018, 10:26pm

Which attack?

Luther_Goh_Lu_Feng · August 13, 2018, 7:24am

Any idea who we can nudge to try and get the patch backported to the long term kernels? Greg Kroah-Hartman says that there hasn’t been any backporting word done yet

–Luther

RobertCNelson · August 13, 2018, 11:41am

What’s stopping you?

Regards,