Old kernel in mint

Questions about applications and software
Forum rules
Before you post please read this

Old kernel in mint

Postby toro22 on Thu Jun 07, 2012 10:41 am

Last night I installed Mint 12. After installation and first reboot I updated the system via Update manager, but there was no new kernel on the save default level.

At level 4/5 the new kernels are.

Now before somebody says something like: "It's okay, your save" look how old the kernel is:

Code: Select all
 Linux mintbox 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux

I think thats an insecure kernel since Ubuntu is already at #24+ or something.

Two days back I installed mint 13. To much bugs and also old kernel that did not get updated on the save default level. I saw the same thing. Old kernel in use while new kernel available.

I am not the only one wondering about this: viewtopic.php?f=90&t=104262
Last edited by toro22 on Thu Jun 07, 2012 1:32 pm, edited 1 time in total.
toro22
Level 1
Level 1
 
Posts: 4
Joined: Wed Jun 06, 2012 9:06 am

Linux Mint is funded by ads and donations.
 

Re: Old (insecure) kernel in mint

Postby Condorman on Thu Jun 07, 2012 11:21 am

But in my topic you link to, I'm not saying that an out of date kernel means necessarily an insecure one. I'm simply positing the possibility of there being one at some point, and asking how Mint handles this. As far as I'm aware, your older kernel there does not represent a security issue. Lots of distros and devices that use the Linux kernel use older kernels. I have a Digital Stream Freeview PVR in my home that uses Linux, and that features the 2.6 series kernel. There's nothing inherently insecure about that.
Condorman
Level 3
Level 3
 
Posts: 158
Joined: Mon Nov 10, 2008 10:08 am

Re: Old kernel in mint

Postby toro22 on Thu Jun 07, 2012 1:35 pm

I changed the topic to Old kernel in mint.

Condorman wrote:But in my topic you link to, I'm not saying that an out of date kernel means necessarily an insecure one. I'm simply positing the possibility of there being one at some point, and asking how Mint handles this. As far as I'm aware, your older kernel there does not represent a security issue.


Okay. Just find it odd thats all. Its just I had read something some months back about something called kernel exploit?

I just want to be a save baby penguin. I want to learn and do it the right way :roll:
toro22
Level 1
Level 1
 
Posts: 4
Joined: Wed Jun 06, 2012 9:06 am

Re: Old kernel in mint

Postby Condorman on Thu Jun 07, 2012 2:17 pm

No I'm exactly the same. I'm very used to Ubuntu after so many years, and my original thread was just to get a better understanding of how Mint works as a relative of it. I think I may have upset a few, but that was not my intention. I like Mint a great deal.
Condorman
Level 3
Level 3
 
Posts: 158
Joined: Mon Nov 10, 2008 10:08 am

Re: Old kernel in mint

Postby xenopeek on Thu Jun 07, 2012 4:42 pm

There are pros and cons to updating your kernel. On the pros side, updating your kernel may include security fixes, it may improve stability or speed as drivers for your hardware have improved, and it may include new features or bugfixes to existing features. On the cons side it may do the reverse of all that, so introduce new security issues, decrease stability and speed as drivers that were improved for some model actually perform worse on your model, and new features may introduce new problems. Even the bugfixes may introduce new problems. There may even be regressions, where problems fixed in your current kernel version return. As the updated kernel version has been less thoroughly and rigorously integration tested with your Linux Mint version than the initial kernel, updating kernel versions introduces a risk. While the chance of the risk occurring may be low, it would have high impact on average users. Measures can always be taken to push a kernel update if there is a security issues that is being exploited. Those are my personal views BTW, not Mint HQ certified :wink:

For users somewhat more comfortable with using Linux, those that know how to recover from a bad kernel update from GRUB, it is usually safe to enable kernel updates. I have level 4 and 5 only set to visible, not to automatic updating (as also the display drivers are at that level, and that is less easy to recover from). If there is a new kernel available, it makes sense to check if you need it or not. If it ain't broke, don't fix it. You could, for example, track Ubuntu's security notices, or search for security issues on the kernel: http://www.ubuntu.com/usn.

For example, see this recent security notice on the kernel: http://www.ubuntu.com/usn/usn-1457-1/. It describes five security issues, four of which are exploitable only by a local user. Meaning by you or a program you run, and then for two of those only if you are using KVM virtualization (which I guess you aren't using :wink:). The one remote exploit reads:
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.

So you would have to connect to a remote NFS server, and somebody would have had to deliberately include this exploit at the NFS server, and then it could perhaps crash your machine if you connect. Not good, but you are not at risk of your personal data being stolen.

So don't assume that just because there is a security issue in the kernel, it affects you :wink: The kernel can do a whole lot of things, and you are but using a fraction of that on your computer 8) And even though there may be security issues on older kernel versions, those that may affect you, that doesn't immediately mean there is an exploit in the wild or that your machine is at risk of being hacked. Just as on Windows, being a responsible computer user goes a long way towards your security: install software only from trusted sources (i.e., don't randomly download programs or scripts for the Internet and run them), configure your firewall, and when browsing the Internet make yourself aware of what you can do to limit risks to your browser (which is more exposed than your kernel)--such as with add-ons like NoScript, HTTPS Everywhere and others.
Forum Rules | IRC Channel Rules
Image
Arch Linux / 64-bit / Gnome Shell
User avatar
xenopeek
Level 21
Level 21
 
Posts: 13700
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: Old kernel in mint

Postby Condorman on Fri Jun 08, 2012 3:20 am

Thank you for your excellent and detailed reply. I quite agree there are pros and cons to updating a kernel. One only has to take a cursory glance at the Ubuntu forums after a kernel update to see the damage that it can do! I have always been quite lucky (touch wood), and have never had a problem after a kernel update, or not one that I've noticed anyway. But at least I am a little clearer on the Mint approach to updates. I think I will set levels 4 and 5 to visible, and just keep an eye on what updates come down the chute. Many thanks again for this reply. :)
Condorman
Level 3
Level 3
 
Posts: 158
Joined: Mon Nov 10, 2008 10:08 am


Return to Software & Applications

Who is online

Users browsing this forum: Google [Bot] and 13 guests