Language Selection

English French German Italian Portuguese Spanish

The inventor of Linux is furious at Intel

Submitted by Rianne Schestowitz on Thursday 4th of January 2018 06:50:58 PM Filed under
Security

Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he's become one of the loudest voices critical of Intel's handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.

"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.

Read more

Also: SUSE Responds to Meltdown and Spectre CPU Vulnerabilities in SLE and openSUSE

»

Debian, SUSE, Canonical

Submitted by Roy Schestowitz on Friday 5th of January 2018 12:45:55 AM.

Red Hat

Submitted by Roy Schestowitz on Friday 5th of January 2018 12:51:59 AM.
  • Red Hat responds to the Intel processor flaw

    These problems seem to have come about as a result of "speculative execution" -- an optimization technique that involves doing work before it is known whether that work will be needed. Correcting the vulnerabilities, therefore, comes at a performance price. More information on this tradeoff is available from this Red Hat post. Patches could slow down systems by as much as 30% -- a hit that most users are likely to feel. However, the specific performance impact will be workload dependent. To address Spectre in the short term, Red Hat has modified the kernel by default to not use the performance features that enable the vulnerability. Their customers do have the option to disable the patch and use the performance features. While Red Hat is working with chip manufacturers and OEMs on a longer-term solution, this option gives customers a way to make their own security and performance decisions

  • Red Hat, tech giants move to counter major security flaws Meltdown, Spectre

    Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.

    The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.

  • Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

    The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms, each requiring slightly different fixes. In many cases, these fixes also require microcode updates from the hardware vendors. Red Hat has delivered updated Red Hat Enterprise Linux kernels that focus on securing customer deployments. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Ubuntu and Canonical Leftovers

  • Ubuntu Podcast from the UK LoCo: S11E17 – At Seventeen - Ubuntu Podcast
    This week we make a snap of Xonotic, interview Daniel Foré from elementary OS about the Beta release of “Juno” and round up the news.
  • Launchpad news, June 2018
    Here’s a brief changelog for this month.
  • Make your Snap store page pop!
    When you publish a Snap you want to grab the attention of as many users as possible. The Snap Advocacy team regularly review high quality, new and interesting Snaps published in the store so that we can feature them in Editor’s Picks, blog about them here or promote them via social campaigns using the @snapcraftio and @ubuntu Twitter accounts. As a side note, if you’d like to stay informed of new developments in Snapcraft and Ubuntu then give both those accounts a follow. After you’ve tested the Snap and happy it works as intended, here are 6 things you can do to make the Snap store listing really pop and significantly increase the likelihood that the application will get noticed and widely used. Log into your Snapcraft account and take your store listing to the next level!
  • This Week in Lubuntu Development #6
    As announced on Episode 73 of the Ask Noah Show, Lubuntu is working with Altispeed Technologies to provide commercial support for users and organizations who need more support than our existing channels offer. More details will be provided in the future as the infrastructure for this is established.
  • How to install MyWebSQL on Ubuntu 16.04
  • How to install WordPress On Ubuntu 18.04 Bionic Beaver Linux

Graphics: AMDGPU, Wayland-Protocols 1.15 and Nouveau

  • More AMDGPU DRM Updates Sent In For The Linux 4.19 Kernel, Possible Power Savings
    Towards the end of June an initial batch of AMDGPU updates were sent in to DRM-Next for targeting the Linux 4.19 kernel. Now a second round of updates have been submitted of the AMDGPU/Radeon kernel for this next kernel series. This latest round of feature updates include making use of DRM core PCI Express (PCI-E) functionality rather than duplicating this PCI-E Gen/Lanes code, scheduler clean-ups, improved code documentation, reworking DC/PowerPlay interfaces in an effort to improve power-savings, initial stutter mode support for the Raven Ridge hardware as another power-savings feature, various PowerPlay updates for Vega 12, and fixes to the "GFXOFF" support that allow for shutting down the graphics engine when not needed.
  • AMDKFD Looking To Be Merged Into AMDGPU Linux DRM Kernel Driver
    While "AMDGPU" is often what is talked about when it comes to the Radeon graphics driver code within the Linux kernel with it being the Direct Rendering Manager (DRM) driver for AMD GCN graphics cards and newer, there is also the AMDKFD kernel driver that plays a vital role for compute support. AMDKFD is the AMD Kernel Fusion Driver (dating back to the days of AMD "Fusion") that is basically the AMD HSA compute driver within the kernel. AMDKFD is needed to work with the user-space ROCm/OpenCL compute components and in recent kernel releases is working out well just not for AMD APUs but also the discrete graphics cards. After relying upon out-of-tree kernel code for a while to get good compute support going, with Linux 4.17~4.18, things are looking bright.
  • wayland-protocols 1.15
    wayland-protocols 1.15 is now available. This version includes a new unstable protocol that enables clients to allow the compositor to draw window decorations.
  • Wayland-Protocols 1.15 Adds XDG-Decoration Protocol For Server-Side Window Decorations
    Wayland-Protocols 1.15 has been released that introduces the new (unstable) XDG-Decoration protocol for drawing window decorations with Wayland. The XDG-Decoration protocol is responsible for negotiating server-side rendering of window decorations for XDG top-level windows. By using this protocol, it provides a standardized way for Wayland compositors to draw window decorations and to send the preference to the clients. Clients can request server-side decorations with this protocol, which is based upon the server-side decoration work done so far by the KDE and Sway groups.
  • Maxwell & Newer Now Support Multi-Sampled Images For Nouveau NVC0
    The latest feature addition to the Nouveau Gallium3D driver is now supporting multi-sampled images for Maxwell graphics processors and newer.

PHP 7.3.0 Alpha 3 Released

  • PHP 7.3.0 alpha 3 Released
    The PHP team is glad to announce the release of the third PHP 7.3.0 version, PHP 7.3.0 Alpha 3. The rough outline of the PHP 7.3 release cycle is specified in the PHP Wiki. For source downloads of PHP 7.3.0 Alpha 3 please visit the download page. Windows sources and binaries can be found on windows.php.net/qa/. Please carefully test this version and report any issues found in the bug reporting system.
  • PHP 7.3 Alpha 3 Released
    The third alpha of this year's PHP7 update, PHP 7.3, is now available for evaluation. PHP 7.3 has been crafting improved PHP garbage collection, WebP support within the image create from string function, and a variety of other features and improvements. PHP 7.3 is looking very good in early benchmarks. PHP 7.3 Alpha 3 introduces a lot of bug fixes from core PHP to various extensions, min_proto_version/max_proto_version options added to OpenSSL for maximum/minimum TLS version protocol values, and various other code improvements.

Canonical Outs Major Kernel Security Updates for All Supported Ubuntu Linux OSes

Canonical released new kernel security updates for all supported Ubuntu Linux operating systems to address multiple security vulnerabilities discovered by various researchers. The new Linux kernel updates are available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), as well as Ubuntu 14.04 LTS (Trusty Tahr) operating system series and they fix a total of 22 security vulnerabilities across all Ubuntu Linux releases. One of the most important issues fixed is an information leak vulnerability tagged as CVE-2018-7755 and discovered in Linux kernel's floppy driver, which could allow a local attacker to expose sensitive information (kernel memory). This issue affected Ubuntu 18.04 LTS, Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. Read more

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6