The Linux developers has made a lot of progress in dealing with the Meltdown and Spectre. That’s good, but there’s a lot of work left to be done.
Linux developers are not happy about either problem. They were not kept in the loop, and they had to rush patches out to mitigate the security holes. As Greg Kroah-Hartman, maintainer of the Linux stable branch wrote, this is “a textbook example of how not to interact with the Linux kernel community properly. The people and companies involved know what happened, and I’m sure it will all come out eventually, but right now we need to focus on fixing the issues involved, and not pointing blame, no matter how much we want to.”
So, where are we with fixing the problems? Work is continuing, but the latest update of the stable Linux kernel, 4.14.2, has the current patches. Some people may experience boot problems with this release, but 4.14.13 will be out in a few days.
Patches have also been added to the 4.4 and 4.9 stable kernel trees. But, as Kroah-Hartman added, “This backport is very different from the mainline version that is in 4.14 and 4.15, there are different bugs happening.” Still, he said, “Those are the minority at the moment, and should not stop you from upgrading.”
If you’re running Linux distribution with an older Linux kernel, stop. No patches for you!
Source: http://www.zdnet.com/article/the-linux-vs-meltdown-and-spectre-battle-continues/
Submitted by: Arnfried Walbrecht
Comments are closed.