NEWS
NEWS
Linux Kernel continues to offer mitigation for Spectre Mitigation, SpeakUp Trojan targets Linux servers, KDE Plasma 5.15 beta arrives, Canonical announces latest Ubuntu Core for IoT, vulnerabilities found in Cisco routers, two new malware campaigns, and US government shutdown ties up $139.2 million in grant funding.
Linux Kernel Continues to Offer Mitigation for Spectre Mitigation
Usually, you want to mitigate all possible vulnerabilities unless you are talking about Meltdown and Spectre which are a class or family of dozens of vulnerabilities. But what sys admins hate more than these vulnerabilities are mitigations offered to these vulnerabilities (https://www.zdnet.com/article/linux-kernel-gets-another-option-to-disable-spectre-mitigations/). Some of these mitigations have a massive impact on performance, while not offering any significant protection.
Gauging the pros and cons, sys admins have gone as far as asking the Linux kernel community to give them an option to disable these mitigations (https://www.phoronix.com/scan.php?page=news_item&px=Global-Switch-Skip-Spectre-Melt). The Linux kernel community always listens.
Linux Kernel 4.15 added the ability for sys admins to disable the kernel's built-in mitigations for the Spectre v2 vulnerability, then Linux Kernel 4.17 offered the option to disable all mitigations for Spectre v4, and now Linux Kernel 4.19 allows admins to disable mitigations for Spectre v1.
[...]
Buy this article as PDF
(incl. VAT)