Security

Slackware Releases L1TF Mitigation Updates for v14.2

The Slackware Linux Project team has just released kernel updates for its Slackware version 14.2 which was initially released on the first of July this year. According to the advisory released with the updates, the new kernel packages made available are specifically drafted to mitigate several imminent and emerging security concerns in the operating system.

The change log for the Slackware v14.2 updates package shows that the latest release does a grand number of security mitigations all under one umbrella. Firstly, the upgraded package allows for the mitigation of the imminent L1 terminal fault vulnerabilities, also known as the Foreshadow and Foreshadow-NG vulnerabilities. In addition to this, the updated package fixes a boot issue which was preventing system upgrades to versions which would tackle unwanted security issues self-sufficiently. The fix of the boot up issue was provided by Bernhard Kaindl who developed it particularly for 4.4.x kernel versions. The three prominent CVE assigned vulnerabilities targeted in this release are CVE-2018-3615, CVE-2018-3620, and CVE-2018-3546.

To stay updated with your device’s security and vulnerability protection status, you must navigate to /sys/devices/system/cpu/vulnerabilities where such information will be readily available. In addition to this, some guidelines that go hand in hand with the latest upgrade: ensure that you upgrade your initrd package along with the kernel package updates. If you use lilo to start up your device, be mindful of a few things. Lilo.conf should point to the correct kernel and initrd. This should make the lilo.conf run as an update bootloader root. Along these lines, also ensure that eliloconfig is run to copy the new kernel updates and initrd to the EFI System Partition for privileged access.

For those who do not have Slackware 14.2 installed yet, you can give the operating system a try without having to modify your disk drive through the Slackware Live Edition. The complete installation is run from CD, DVD, or USB, and it is designed to let you run the Slackware operating system on your device as it is without having to compromise anything on your existing system. For those who have the system running and want to apply these latest updates, visit the Slackware web page to download the relevant releases.


Leave a Reply

Your email address will not be published.

Close