NEWS
Intel Releases Linux Patch for Alder Lake Thread Director
The Performance and Efficiency cores within Intel's Adler Lake CPUs have received patches to dramatically increase performance with the Linux operating system.
Soon after Microsoft released Windows 11, it became clear that the Linux operating system lagged behind the competition in performance. The reason for this was because Linux lacked adequate support for Intel's Thread Director technology (created from the Enhanced Hardware Feedback Interface), which grants proper access to the high-performance Golden Cove cores and the energy-efficient Gracemont cores.
The current firmware for Linux relies on an algorithm to plan which P/E cores are utilized by the ITMT/Turbo Boost Max 3.0 driver. That method is not nearly as efficient as Intel's new patch. The company explains the patch by saying:
"The Intel Hardware Feedback Interface (HIFI) provides information about the performance and energy efficiency of each CPU in the system. It uses a table that is shared between hardware and the operating system. The contents of the table may be updated as a result of changes in the operating conditions of the system (e.g., reaching a thermal limit) or the action of external factors (e.g., changes in the thermal design power)."
The HIFI calculates the power efficiency and performance of the CPU, gives the core a numerical value, and communicates that information to the operating system.
This new set of patches is still in the revision stage and there has yet to be an announcement as to when they will be made available to the kernel (or if they'll make it into version 5.17). Read more about this update on https://lore.kernel.org/lkml/20211220151438.1196-1-ricardo.neri-calderon@linux.intel.com/.
New Multiplatform Backdoor Malware Targets Linux, macOS, and Windows
The first signs of SysJoker appeared in December 2021, when researchers at Intezer were investigating an attack on a Linux web server. This malware is written in C++ and each variant is specifically tailored for the operating system it attacks. VirusTotal was unable to detect the malware, even using 57 different detection engines.
Once the malware has been deployed, it fetches the SysJoker zip file from GitHub, unpacks it, and executes the payload. The payload gathers information about the machine, stores and encodes the results in a JSON object, creates persistence, reaches out to a C2 server (using a hard-coded Google Drive link, where the server is instructed to install additional malware), and runs commands on the infected device.
Intezer has provided a list of indicators for SysJoker for each operating system. On Linux, the files and subdirectories are created under /.Library/
and persistence is created with the cron job @reboot (/.Library/SystemServices/updateSystem)
. If you discover such a cron job, it's imperative that you kill all related processes, manually delete the files and cron job, scan the system to ensure all malicious files have been removed, and check for any weakness that might have allowed the attackers access to your server.
Find out more about SysJoker in the original Intezer report (https://www.intezer.com/blog/malware-analysis/new-backdoor-sysjoker/).
WhiteSource Releases Free Log4j Detection Tool
As the Log4j vulnerability continues to wreak havoc on the IT landscape, everyone is trying to prevent disaster from striking. A number of companies and development teams have released tools to help with the detection and remediation of the vulnerability. One such company is WhiteSource. Their new tool, Log4j Detect (https://github.com/whitesource/log4j-detect-distribution), is an open source command-line utility that scans your projects to detect the following known CVEs:
- CVE-2021-45046
- CVE-2021-44228
- CVE-2021-4104
- CVE-2021-45105
Once the scan is complete, it will report back the exact path of the vulnerable files as well as the fixed version you'll need to remediate the issue. Log4j Detect should be run within the root directory of your projects and will also search for vulnerable files with both the .jar
and .gem
extensions. Log4j Detect supports the Gradle, Maven, and Bundler package managers.
In order for Log4j Detect to run properly, you'll need to install either gradle
(if the project is a Gradle project) or mvn
(if the project is a Maven project). The developers have also indicated both Maven and Bundler projects must be built before scanning. Once you have Log4j Detect installed, the scan can be issued with the command log4j-detect scan -d PROJECT
(where PROJECT
is the directory housing your project).
For more information about this tool, make sure to read through the project README (https://github.com/whitesource/log4j-detect-distribution/blob/main/README).md).
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
![Learn More](https://www.linux-magazine.com/var/linux_magazin/storage/images/media/linux-magazine-eng-us/images/misc/learn-more/834592-1-eng-US/Learn-More_medium.png)
News
-
NVIDIA Released Driver for Upcoming NVIDIA 560 GPU for Linux
Not only has NVIDIA released the driver for its upcoming CPU series, it's the first release that defaults to using open-source GPU kernel modules.
-
OpenMandriva Lx 24.07 Released
If you’re into rolling release Linux distributions, OpenMandriva ROME has a new snapshot with a new kernel.
-
Kernel 6.10 Available for General Usage
Linus Torvalds has released the 6.10 kernel and it includes significant performance increases for Intel Core hybrid systems and more.
-
TUXEDO Computers Releases InfinityBook Pro 14 Gen9 Laptop
Sporting either AMD or Intel CPUs, the TUXEDO InfinityBook Pro 14 is an extremely compact, lightweight, sturdy powerhouse.
-
Google Extends Support for Linux Kernels Used for Android
Because the LTS Linux kernel releases are so important to Android, Google has decided to extend the support period beyond that offered by the kernel development team.
-
Linux Mint 22 Stable Delayed
If you're anxious about getting your hands on the stable release of Linux Mint 22, it looks as if you're going to have to wait a bit longer.
-
Nitrux 3.5.1 Available for Install
The latest version of the immutable, systemd-free distribution includes an updated kernel and NVIDIA driver.
-
Debian 12.6 Released with Plenty of Bug Fixes and Updates
The sixth update to Debian "Bookworm" is all about security mitigations and making adjustments for some "serious problems."
-
Canonical Offers 12-Year LTS for Open Source Docker Images
Canonical is expanding its LTS offering to reach beyond the DEB packages with a new distro-less Docker image.
-
Plasma Desktop 6.1 Released with Several Enhancements
If you're a fan of Plasma Desktop, you should be excited about this new point release.