Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Well, I'm sure there are people in Nigeria who never heard of Linux, but that didn't stop you from claiming it's taken over the world.
According to Google, 74% of the smart phones in Nigeria are running Android, which I'm sure you know uses the Linux kernel... So it seems you're wrong again!
According to Google, 74% of the smart phones in Nigeria are running Android, which I'm sure you know uses the Linux kernel... So it seems you're wrong again!
Just because Android uses Linux doesn't mean that everyone in Nigeria has heard of Linux.
How can I be wrong again if I wasn't wrong the first time?
As a non-American, I've never heard of Purdue Pharma,
BTW you may want to educate yourself. While they did not kill quite as many people as Covid did in the US, if you factor in the life expectancy, I'm sure they have outdone Covid.
As delightful as that trip to Nigeria was, back to your question:
Quote:
Originally Posted by max.b
In 2017, 449 vulnerabilities were discovered in the kernel.
[aside] Why did you choose to pick 2017? Interesting. [/aside]
Most of the CVEs are for specific drivers.
From the link you posted, I note that the last 'general' (i.e: not device specific) security vulnerability in the Linux kernel was reported in 2015.
The answer to your question is: If you own a piece of hardware which is affected by a security vulnerability, then yes, you should upgrade the kernel. If not, I'd probably not be too concerned. Other reasons to upgrade might be added support for a piece of hardware you have, or added features, like the recent addition of NTFS support.
Security holes tend to get patched very quickly, so running the latest version will ensure that you're covered. Otherwise, you can look at the changelogs to see what has been added or changed and decide for yourself.
The good folks who maintain your "distro" are constantly on the lookout for new vulnerabilities, and they very quickly prepare "security updates" for you to please immediately apply. (As does Microsoft, and as does Apple, IBM, etcetera.)
The most convenient thing to do is to set up your system so that it automatically installs these "security updates" as soon as they are published. (This admonition is true of all operating systems, and your cell phones as well.)
From the link you posted, I note that the last 'general' (i.e: not device specific) security vulnerability in the Linux kernel was reported in 2015.
You are making stuff up as you go. I can see that. But why???
On the off chance that you're simply very confused, here's one this month, just as a for-instance:
Quote:
CVE-2021-43267
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
Publish Date : 2021-11-02 Last Update Date : 2021-11-06
Can't we just ban max.b?
From kernel vulnerabilities to bashing Torvalds to Big Pharma to Nigeria and Covid in a heartbeat, all instigated by OP.
This is very obviously going nowhere.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.