NEWS
NEWS
Linux Kernel continues to offer mitigation for Spectre Mitigation, SpeakUp Trojan targets Linux servers, KDE Plasma 5.15 beta arrives, Canonical announces latest Ubuntu Core for IoT, vulnerabilities found in Cisco routers, two new malware campaigns, and US government shutdown ties up $139.2 million in grant funding.
Linux Kernel Continues to Offer Mitigation for Spectre Mitigation
Usually, you want to mitigate all possible vulnerabilities unless you are talking about Meltdown and Spectre which are a class or family of dozens of vulnerabilities. But what sys admins hate more than these vulnerabilities are mitigations offered to these vulnerabilities (https://www.zdnet.com/article/linux-kernel-gets-another-option-to-disable-spectre-mitigations/). Some of these mitigations have a massive impact on performance, while not offering any significant protection.
Gauging the pros and cons, sys admins have gone as far as asking the Linux kernel community to give them an option to disable these mitigations (https://www.phoronix.com/scan.php?page=news_item&px=Global-Switch-Skip-Spectre-Melt). The Linux kernel community always listens.
Linux Kernel 4.15 added the ability for sys admins to disable the kernel's built-in mitigations for the Spectre v2 vulnerability, then Linux Kernel 4.17 offered the option to disable all mitigations for Spectre v4, and now Linux Kernel 4.19 allows admins to disable mitigations for Spectre v1.
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
EU Open Source Strategy Plays Key Role in Tech Sovereignty Package
Comprehensive measures adopted by the European Commission aim to reduce dependency on non-EU countries.
-
Linux Foundation Report Indicates AI Driving Tech Hiring
Within growing security and skills gaps, AI has been found to be a positive driving force behind tech hiring trends in Europe.
-
United Nations Open Source Portal Goes Live
A new open source portal seeks to coordinate and scale open source efforts across the United Nations system.
-
KDE Linux Drops AUR
KDE Linux developers have dropped the Arch User Repository from the build pipeline due to security concerns; other distributions should consider doing the same.
-
California May Exempt Linux from Its Age-Verification Law
After backlash from the Linux community, California may be backing off on its promise to force all operating systems to verify age, but one platform may still have to comply.
-
Another Logic Bug Found in Linux Kernel
Qualys has discovered a vulnerability in the Linux kernel that can be used to elevate standard user privileges.
-
Ubuntu Core 26 Offers Game-Changing Enterprise Features
Ubuntu Core 26 could be a game-changer for organizations looking for increased security and reliability.
-
AI Flooding the Linux Kernel Security Mailing List
AI is giving Linus Torvalds a headache, but not in the way you might think.
-
Top Priorities for Open Source Pros Seeking a New Job
Professional fulfillment tops the list, according to LPI report.
-
Container-Based Fedora Hummingbird Designed for Agent-First Builders
Fedora Hummingbird brings the same approach to the host OS as it does to containers to level up security.