Subj : White paper: Vendor Kernels, Bugs and Stability
To   : All
From : LWN.net
Date : Fri May 17 2024 14:30:06

White paper: Vendor Kernels, Bugs and Stability

Date:
Fri, 17 May 2024 13:24:41 +0000

Description:
Ronnie Sahlberg, Jonathan Maple, and Jeremy Allison of CiQ have published a 
white
paper looking at the security-relevant bug fixes applied (or not applied) to 
the RHEL8.x kernel over time. This means that over time, the security of the 
RHEL kernels get
	worse and worse as more issues are discovered in the upstream code
	and are potentially exploitable but fewer and fewer of the fixes
	for these known bugs are back-ported into RHEL kernels. After 
reaching RHEL 8.7, the theory is that the kernel has been
	stabilized, with a corresponding improvement in security. However
	we still have an influx of newly discovered bugs in the upstream
	kernel affecting RHEL 8.7 that are not addressed. Each minor
	version of upstream is released on an approximately quarterly basis
	and we can see that the influx of new bugs that are unaddressed in
	RHEL is growing. The number of known issues in these kernels
	increases by approximately 250 new bugs per quarter or more.

======================================================================
Link to news story:
https://lwn.net/Articles/973996/


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)

.