<SOLVED> Can I still use kernel 3.19.8?

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

<SOLVED> Can I still use kernel 3.19.8?

Post by robertojf2012 » Fri Aug 17, 2018 2:53 pm

Hello everyone!, I'm kind of new in the Linux world and maybe this question may be easy to answer but I would like to be sure.
I'm running Linux Mint 18 (Sarah), this version came with kernel 4.4, but I had to go back to 3.19.8 due to wi-fi issues when suspend my PC and slow performance too. I tried newer versions (4.8, 4.9 and the latest stable) but my issues were not solved.
Using kernel 3.19.8, solved all my issues and my PC works perfect, but I'm concerned about this version because it is an old kernel version, and I guess this does not receive security updates anymore or support. So I don't know for sure if it is ok to keep using it, I don't want to have security issues on my machine or things like that..
What would you recommend me to do? Do I have to worrie about something?
I have been searching this doubt on Internet but I couldn't find any specific answer to this.

Thank you very much for your time, I hope you can give me some right advice.
Last edited by robertojf2012 on Tue Aug 21, 2018 11:29 pm, edited 1 time in total.

User avatar
Pjotr
Level 20
Level 20
Posts: 10988
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Can I still use kernel 3.19.8?

Post by Pjotr » Fri Aug 17, 2018 2:59 pm

Normally, it's not so bad to continue running a non-updated kernel. The high-risk security fixes are usually for other parts of your system, like your web browser.

But in this case you're missing out on kernel fixes/mitigations for Spectre and Meltdown. That's not so good.

You might want to consider a clean installation of Mint 19; perhaps Mint 19 will also run well on your machine, and Mint 19 has those essential fixes.
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Fri Aug 17, 2018 9:56 pm

So if i want to be 'protected' against those threats I have to be using a newer version of mint? Or a newer kernel?
I skipped mint 18.1 and above because I realized the system requirements went up, I and want to keep the system resources as low as possible because I have a low spec PC.
Is it actually notable the increase of RAM memory on mint 19?

lazarus
Level 3
Level 3
Posts: 148
Joined: Mon Jul 02, 2018 11:36 pm
Location: Oberon, OZ

Re: Can I still use kernel 3.19.8?

Post by lazarus » Sat Aug 18, 2018 12:07 am

I suggest that you read up on Meltdown and Spectre and decide for yourself whether you should feel concerned.

If you're using your PC for work purposes, you should be concerned. If you're using it for online banking and similarly sensitive data processing, you should be concerned.

If you're only using it for minor domestic purposes such as gaming, a bit of web browsing, it's not so much of a worry. Still a potential threat, but not so much so.

I guess it's similar to if your PC was stolen. Would you be panicked at the loss of data/passwords or merely peeved? (And, perhaps, potentially embarrassed. :) )

Me, I have a couple of laptops that are staying at earlier kernels because of a similar situation to you. They're old HW that work well as is... don't meet the requirements of newer OS's, and newer kernels cause other issues. But they're also only media players that see no truly sensitive data passing through them; user and network passwords, yes, but my router is set up to block incoming WAN login attempts anyway.
- Andy

I may be weird but I'm saving up to become eccentric.

DAMIEN1307
Level 6
Level 6
Posts: 1149
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico

Re: Can I still use kernel 3.19.8?

Post by DAMIEN1307 » Sat Aug 18, 2018 12:24 am

hi roberto....im providing a link to a post i started back in january of this year regarding what lazarus just referred to regarding spectre, meltdown and now foreshadow issues and whether you should be concerned...(it is now 30 pages so lots for you to catch up on)...happy reading...lol...DAMIEN

viewtopic.php?f=58&t=260764
ORDO AB CHAO

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sat Aug 18, 2018 12:40 am

lazarus wrote:
Sat Aug 18, 2018 12:07 am
I suggest that you read up on Meltdown and Spectre and decide for yourself whether you should feel concerned.

If you're using your PC for work purposes, you should be concerned. If you're using it for online banking and similarly sensitive data processing, you should be concerned.

If you're only using it for minor domestic purposes such as gaming, a bit of web browsing, it's not so much of a worry. Still a potential threat, but not so much so.

I guess it's similar to if your PC was stolen. Would you be panicked at the loss of data/passwords or merely peeved? (And, perhaps, potentially embarrassed. :) )

Me, I have a couple of laptops that are staying at earlier kernels because of a similar situation to you. They're old HW that work well as is... don't meet the requirements of newer OS's, and newer kernels cause other issues. But they're also only media players that see no truly sensitive data passing through them; user and network passwords, yes, but my router is set up to block incoming WAN login attempts anyway.
hey lazarus, I'm going to tell you what I do on my PC...
I'm a software developer, I'm currently studying, but what I do on my PC basically is programming, sometimes I install some plugins and things like that, I always look for the software on the official repositories first. Also I surf the web for research about things about code that I need to implement etc.. watch youtube, play some online games, and basically thats it. I use firefox with an adblocker, and I have turned on my firewall. Do you think I need to be concerned?.. I'm still going to make a research about Meltdown and Spectre and take a decition but I would like to know what you think.
Thank you again.

lazarus
Level 3
Level 3
Posts: 148
Joined: Mon Jul 02, 2018 11:36 pm
Location: Oberon, OZ

Re: Can I still use kernel 3.19.8?

Post by lazarus » Sat Aug 18, 2018 1:17 am

As a student, a degree of concern is certainly warranted if you only have the one PC.

In theory Spectre & Meltdown are more suitable for eavesdropping on your data, rather than actually hijacking your computer. This does not mean that sometime down the road some creative hacker cannot use them for intrusive use though!

In your situation, given a choice of a 'secure' PC that is crippled in some areas (eg. no WiFi or audio) or an 'insecure' PC that otherwise works OK I'd probably take the gamble and go for the insecure working one. Mainly because it's so frustrating to use a broken system every day.... as versus the likelihood of a hack attempt. AFAIK, these exploits have not been implemented in active code yet. Yet. O' course, I could be waaaay wrong.

(AND in the meanwhile frantically squirrelling coin away to buy newer HW that can run both securely and with full functions. Or at least convincing myself that's what I'm doing... :wink: )
- Andy

I may be weird but I'm saving up to become eccentric.

User avatar
Pjotr
Level 20
Level 20
Posts: 10988
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Can I still use kernel 3.19.8?

Post by Pjotr » Sat Aug 18, 2018 4:17 am

robertojf2012 wrote:
Fri Aug 17, 2018 9:56 pm
So if i want to be 'protected' against those threats I have to be using a newer version of mint? Or a newer kernel?
Yes.
I skipped mint 18.1 and above because I realized the system requirements went up, I and want to keep the system resources as low as possible because I have a low spec PC.
Is it actually notable the increase of RAM memory on mint 19?
Please generate an overview of your system like this:
- Launch a terminal window (this is how to launch a terminal window);
- make the terminal window full screen, to avoid chopped lines;
- Copy/paste this command into the terminal:

Code: Select all

inxi -Fxz
(if you type: the letter F is a capital letter)

Press Enter.

Copy/paste the output in your next message.
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sat Aug 18, 2018 6:10 pm

Pjotr wrote:
Sat Aug 18, 2018 4:17 am
robertojf2012 wrote:
Fri Aug 17, 2018 9:56 pm
So if i want to be 'protected' against those threats I have to be using a newer version of mint? Or a newer kernel?
Yes.
I skipped mint 18.1 and above because I realized the system requirements went up, I and want to keep the system resources as low as possible because I have a low spec PC.
Is it actually notable the increase of RAM memory on mint 19?
Please generate an overview of your system like this:
- Launch a terminal window (this is how to launch a terminal window);
- make the terminal window full screen, to avoid chopped lines;
- Copy/paste this command into the terminal:

Code: Select all

inxi -Fxz
(if you type: the letter F is a capital letter)

Press Enter.

Copy/paste the output in your next message.
This is the info of my system:

Code: Select all

System:    Host: robert-Satellite-C855 Kernel: 3.19.8-031908ckt22-generic x86_64 (64 bit gcc: 4.9.2)
           Desktop: Xfce 4.12.3 (Gtk 2.24.28) Distro: Linux Mint 18 Sarah
Machine:   System: TOSHIBA (portable) product: Satellite C855 v: PSCBLU-02M004
           Mobo: TOSHIBA model: Portable PC v: MP Bios: Insyde v: 6.70 date: 04/15/2013
CPU:       Dual core Intel Core i3-3120M (-HT-MCP-) cache: 3072 KB
           flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 9977
           clock speeds: max: 2500 MHz 1: 1206 MHz 2: 1204 MHz 3: 1202 MHz 4: 1204 MHz
Graphics:  Card: Intel 3rd Gen Core processor Graphics Controller bus-ID: 00:02.0
           Display Server: X.Org 1.18.3 driver: intel Resolution: 1366x768@60.00hz
           GLX Renderer: Mesa DRI Intel Ivybridge Mobile GLX Version: 3.0 Mesa 11.2.0 Direct Rendering: Yes
Audio:     Card Intel 7 Series/C210 Series Family High Definition Audio Controller
           driver: snd_hda_intel bus-ID: 00:1b.0
           Sound: Advanced Linux Sound Architecture v: k3.19.8-031908ckt22-generic
Network:   Card-1: Qualcomm Atheros AR8162 Fast Ethernet driver: alx port: 3000 bus-ID: 01:00.0
           IF: enp1s0 state: down mac: <filter>
           Card-2: Realtek RTL8188CE 802.11b/g/n WiFi Adapter driver: rtl8192ce port: 2000 bus-ID: 02:00.0
           IF: wlp2s0 state: up mac: <filter>
Drives:    HDD Total Size: 500.1GB (18.2% used) ID-1: /dev/sda model: Hitachi_HTS54505 size: 500.1GB
Partition: ID-1: / size: 37G used: 17G (48%) fs: ext4 dev: /dev/sda6
           ID-2: /boot size: 657M used: 193M (31%) fs: ext2 dev: /dev/sda1
           ID-3: /home size: 420G used: 67G (17%) fs: ext4 dev: /dev/sda7
           ID-4: swap-1 size: 2.05GB used: 0.00GB (0%) fs: swap dev: /dev/sda5
RAID:      No RAID devices: /proc/mdstat, md_mod kernel module present
Sensors:   System Temperatures: cpu: 45.0C mobo: N/A
           Fan Speeds (in rpm): cpu: N/A
Info:      Processes: 199 Uptime: 2 min Memory: 716.2/3839.4MB Init: systemd runlevel: 5 Gcc sys: 5.4.0
           Client: Shell (bash 4.3.481) inxi: 2.2.35 

User avatar
Pjotr
Level 20
Level 20
Posts: 10988
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Can I still use kernel 3.19.8?

Post by Pjotr » Sat Aug 18, 2018 6:24 pm

Your system is perfectly fit for Mint 19. I recommend the lightweight Xfce edition, 64-bit:
http://mintmirror.math.washington.edu/l ... bit-v2.iso
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sat Aug 18, 2018 8:27 pm

Pjotr wrote:
Sat Aug 18, 2018 6:24 pm
Your system is perfectly fit for Mint 19. I recommend the lightweight Xfce edition, 64-bit:
http://mintmirror.math.washington.edu/l ... bit-v2.iso
Glad to hear that, my only concern is about RAM usage, do you know if mint 19 really uses more RAM than 18 and 18.3, is it much difference?, how can I check the actually RAM usage that my system is using? my task manager normally shows 9% of RAM usage without nothing open. but it is only a percentage.. I would like to know in MB.
Just to compare to the newest version..
thank you again

User avatar
Pjotr
Level 20
Level 20
Posts: 10988
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Can I still use kernel 3.19.8?

Post by Pjotr » Sun Aug 19, 2018 4:10 am

I recommend Conky:
https://sites.google.com/site/easylinux ... forxubuntu

In my experience, Mint 19 doesn't seem to weigh more heavily than previous versions. But that's just a feeling, I haven't measured it....
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

FreedomTruth
Level 4
Level 4
Posts: 417
Joined: Fri Sep 23, 2016 10:19 am

Re: Can I still use kernel 3.19.8?

Post by FreedomTruth » Sun Aug 19, 2018 12:58 pm

robertojf2012 wrote:
Sat Aug 18, 2018 8:27 pm
how can I check the actually RAM usage that my system is using?
According to your inxi report:

Code: Select all

Info:      Processes: 199 Uptime: 2 min Memory: 716.2/3839.4MB Init: systemd runlevel: 5 Gcc sys: 5.4.0
           Client: Shell (bash 4.3.481) inxi: 2.2.35 
Your xfce system is using 716 MB of RAM with 2 minute uptime (?) that seems like a lot. Anyway your 4 gb total should be okay with xfce. If you don't want the full inxi report, you can use the free command to check used/free/available RAM.
If you abide in My word, you are My disciples indeed. And you shall know the truth, and the truth shall make you free... Most assuredly, I say to you, whoever commits sin is a slave of sin... Therefore if the Son makes you free, you shall be free indeed.

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sun Aug 19, 2018 3:33 pm

Pjotr wrote:
Sun Aug 19, 2018 4:10 am
I recommend Conky:
https://sites.google.com/site/easylinux ... forxubuntu

In my experience, Mint 19 doesn't seem to weigh more heavily than previous versions. But that's just a feeling, I haven't measured it....
Ok thank you very much! I really appreciate :D

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sun Aug 19, 2018 3:37 pm

FreedomTruth wrote:
Sun Aug 19, 2018 12:58 pm
robertojf2012 wrote:
Sat Aug 18, 2018 8:27 pm
how can I check the actually RAM usage that my system is using?
According to your inxi report:

Code: Select all

Info:      Processes: 199 Uptime: 2 min Memory: 716.2/3839.4MB Init: systemd runlevel: 5 Gcc sys: 5.4.0
           Client: Shell (bash 4.3.481) inxi: 2.2.35 
Your xfce system is using 716 MB of RAM with 2 minute uptime (?) that seems like a lot. Anyway your 4 gb total should be okay with xfce. If you don't want the full inxi report, you can use the free command to check used/free/available RAM.
Oh yeah When I took the report I had Firefox already open, and I was in the Linux Mint Forums page.
Thank you for that command, but I guess the information is in bytes right?

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sun Aug 19, 2018 4:58 pm

Pjotr wrote:
Sun Aug 19, 2018 4:10 am
I recommend Conky:
https://sites.google.com/site/easylinux ... forxubuntu

In my experience, Mint 19 doesn't seem to weigh more heavily than previous versions. But that's just a feeling, I haven't measured it....
Hey man, one last question.. do you recommend me to update to the latest release from Mint 18? Currently I cannot make a clean install of mint 19, because of important files.. Thank you again

User avatar
Pjotr
Level 20
Level 20
Posts: 10988
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Can I still use kernel 3.19.8?

Post by Pjotr » Sun Aug 19, 2018 5:03 pm

robertojf2012 wrote:
Sun Aug 19, 2018 4:58 pm
Pjotr wrote:
Sun Aug 19, 2018 4:10 am
I recommend Conky:
https://sites.google.com/site/easylinux ... forxubuntu

In my experience, Mint 19 doesn't seem to weigh more heavily than previous versions. But that's just a feeling, I haven't measured it....
Hey man, one last question.. do you recommend me to update to the latest release from Mint 18? Currently I cannot make a clean install of mint 19, because of important files.. Thank you again
No, a clean installation is by far the best way....
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Sun Aug 19, 2018 5:13 pm

Pjotr wrote:
Sun Aug 19, 2018 5:03 pm
robertojf2012 wrote:
Sun Aug 19, 2018 4:58 pm
Pjotr wrote:
Sun Aug 19, 2018 4:10 am
I recommend Conky:
https://sites.google.com/site/easylinux ... forxubuntu

In my experience, Mint 19 doesn't seem to weigh more heavily than previous versions. But that's just a feeling, I haven't measured it....
Hey man, one last question.. do you recommend me to update to the latest release from Mint 18? Currently I cannot make a clean install of mint 19, because of important files.. Thank you again
No, a clean installation is by far the best way....
Ok I understand, so the same applies to Mint 18.3?

User avatar
Pjotr
Level 20
Level 20
Posts: 10988
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Can I still use kernel 3.19.8?

Post by Pjotr » Sun Aug 19, 2018 5:21 pm

Only upgrades within a particular series (e.g. the 18 series) are safe and advisable. Reason: no change of Ubuntu LTS codebase.
Tip: 10 things to do after installing Linux Mint 19 Tara
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

robertojf2012
Level 1
Level 1
Posts: 24
Joined: Thu Mar 01, 2018 3:15 pm
Contact:

Re: Can I still use kernel 3.19.8?

Post by robertojf2012 » Mon Aug 20, 2018 1:20 pm

Pjotr wrote:
Sun Aug 19, 2018 5:21 pm
Only upgrades within a particular series (e.g. the 18 series) are safe and advisable. Reason: no change of Ubuntu LTS codebase.
Ok got it. I decided to go back to kernel 4.4.0-133-generic, just because I really don't want to be without any type of security.. I also downloaded the spectre-meltdown-checker to see the vulnerability. And you were right, with kernel 3.19.8 I had no protection.
With 4.4.0-133-generic I now see that I'm almost protected, I say almost because the script showed me 2 lines where i'm still vulnerable. Can you help me interpret that lines?

this is what the spectre-meltdown-checker showed me:

Code: Select all

Spectre and Meltdown mitigation detection tool v0.39-10-gb2f64e1

Checking for vulnerabilities on current system
Kernel is Linux 4.4.0-133-generic #159-Ubuntu SMP Fri Aug 10 07:31:43 UTC 2018 x86_64
CPU is Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
  * Indirect Branch Restricted Speculation (IBRS)
    * SPEC_CTRL MSR is available:  YES 
    * CPU indicates IBRS capability:  YES  (SPEC_CTRL feature bit)
  * Indirect Branch Prediction Barrier (IBPB)
    * PRED_CMD MSR is available:  YES 
    * CPU indicates IBPB capability:  YES  (SPEC_CTRL feature bit)
  * Single Thread Indirect Branch Predictors (STIBP)
    * SPEC_CTRL MSR is available:  YES 
    * CPU indicates STIBP capability:  YES  (Intel STIBP feature bit)
  * Speculative Store Bypass Disable (SSBD)
    * CPU indicates SSBD capability:  NO 
  * L1 data cache invalidation
    * FLUSH_CMD MSR is available:  NO 
  * Enhanced IBRS (IBRS_ALL)
    * CPU indicates ARCH_CAPABILITIES MSR availability:  NO 
    * ARCH_CAPABILITIES MSR advertises IBRS_ALL capability:  NO 
  * CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO):  NO 
  * CPU explicitly indicates not being vulnerable to Variant 4 (SSB_NO):  NO 
  * Hypervisor indicates host CPU might be vulnerable to RSB underflow (RSBA):  NO 
  * CPU microcode is known to cause stability problems:  NO  (model 0x3a family 0x6 stepping 0x9 ucode 0x1f cpuid 0x306a9)
  * CPU microcode is the latest known available version:  NO  (you have version 0x1f and latest known version is 0x20)
* CPU vulnerability to the speculative execution attack variants
  * Vulnerable to Variant 1:  YES 
  * Vulnerable to Variant 2:  YES 
  * Vulnerable to Variant 3:  YES 
  * Vulnerable to Variant 3a:  YES 
  * Vulnerable to Variant 4:  YES 
  * Vulnerable to Variant l1tf:  YES 

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface:  YES  (Mitigation: __user pointer sanitization)
* Kernel has array_index_mask_nospec:  YES  (1 occurrence(s) found of x86 64 bits array_index_mask_nospec())
* Kernel has the Red Hat/Ubuntu patch:  YES 
* Kernel has mask_nospec64 (arm64):  NO 
> STATUS:  NOT VULNERABLE  (Mitigation: __user pointer sanitization)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface:  YES  (Mitigation: Full generic retpoline, IBPB (Intel v4))
* Mitigation 1
  * Kernel is compiled with IBRS support:  YES 
    * IBRS enabled and active:  NO 
  * Kernel is compiled with IBPB support:  YES 
    * IBPB enabled and active:  YES 
* Mitigation 2
  * Kernel has branch predictor hardening (arm):  NO 
  * Kernel compiled with retpoline option:  YES 
    * Kernel compiled with a retpoline-aware compiler:  YES  (kernel reports full retpoline compilation)
> STATUS:  NOT VULNERABLE  (Full retpoline + IBPB are mitigating the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface:  YES  (Mitigation: PTI)
* Kernel supports Page Table Isolation (PTI):  YES 
  * PTI enabled and active:  YES 
  * Reduced performance impact of PTI:  YES  (CPU supports PCID, performance impact of PTI will be reduced)
* Running as a Xen PV DomU:  NO 
> STATUS:  NOT VULNERABLE  (Mitigation: PTI)

CVE-2018-3640 [rogue system register read] aka 'Variant 3a'
* CPU microcode mitigates the vulnerability:  NO 
> STATUS:  VULNERABLE  (an up-to-date CPU microcode is needed to mitigate this vulnerability)

CVE-2018-3639 [speculative store bypass] aka 'Variant 4'
* Mitigated according to the /sys interface:  NO  (Vulnerable)
* Kernel supports speculation store bypass:  YES  (found in /proc/self/status)
> STATUS:  VULNERABLE  (Your CPU doesn't support SSBD)

CVE-2018-3615/3620/3646 [L1 terminal fault] aka 'Foreshadow & Foreshadow-NG'
* Mitigated according to the /sys interface:  YES  (Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable)
> STATUS:  NOT VULNERABLE  (Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable)

Need more detailed information about mitigation options? Use --explain
A false sense of security is worse than no security at all, see --disclaimer

And just to update my current system info, here is my inxi -Fxz output:

Code: Select all

System:    Host: robert-Satellite-C855 Kernel: 4.4.0-133-generic x86_64 (64 bit gcc: 5.4.0)
           Desktop: Xfce 4.12.3 (Gtk 2.24.28) Distro: Linux Mint 18 Sarah
Machine:   System: TOSHIBA (portable) product: Satellite C855 v: PSCBLU-02M004
           Mobo: TOSHIBA model: Portable PC v: MP Bios: Insyde v: 6.70 date: 04/15/2013
CPU:       Dual core Intel Core i3-3120M (-HT-MCP-) cache: 3072 KB
           flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 9977
           clock speeds: max: 2500 MHz 1: 1204 MHz 2: 1200 MHz 3: 1200 MHz 4: 1200 MHz
Graphics:  Card: Intel 3rd Gen Core processor Graphics Controller bus-ID: 00:02.0
           Display Server: X.Org 1.18.3 driver: intel Resolution: 1366x768@60.00hz
           GLX Renderer: Mesa DRI Intel Ivybridge Mobile GLX Version: 3.0 Mesa 11.2.0 Direct Rendering: Yes
Audio:     Card Intel 7 Series/C210 Series Family High Definition Audio Controller
           driver: snd_hda_intel bus-ID: 00:1b.0
           Sound: Advanced Linux Sound Architecture v: k4.4.0-133-generic
Network:   Card-1: Qualcomm Atheros AR8162 Fast Ethernet driver: alx port: 3000 bus-ID: 01:00.0
           IF: enp1s0 state: down mac: <filter>
           Card-2: Realtek RTL8188CE 802.11b/g/n WiFi Adapter driver: rtl8192ce port: 2000 bus-ID: 02:00.0
           IF: wlp2s0 state: up mac: <filter>
Drives:    HDD Total Size: 500.1GB (20.4% used) ID-1: /dev/sda model: Hitachi_HTS54505 size: 500.1GB temp: 36C
Partition: ID-1: / size: 37G used: 17G (49%) fs: ext4 dev: /dev/sda6
           ID-2: /boot size: 657M used: 246M (40%) fs: ext2 dev: /dev/sda1
           ID-3: /home size: 420G used: 77G (20%) fs: ext4 dev: /dev/sda7
           ID-4: swap-1 size: 2.05GB used: 0.00GB (0%) fs: swap dev: /dev/sda5
RAID:      No RAID devices: /proc/mdstat, md_mod kernel module present
Sensors:   System Temperatures: cpu: 50.0C mobo: N/A
           Fan Speeds (in rpm): cpu: N/A
Info:      Processes: 191 Uptime: 14 min Memory: 881.6/3838.5MB Init: systemd runlevel: 5 Gcc sys: 5.4.0
           Client: Shell (bash 4.3.481) inxi: 2.2.35
Now that I've been researching, the patches for those vulnerabilities bring some 'problems' to the CPU. They can slow down the CPUs performance up to 30%.
I've been thinking about my slow performance I had with kernel 4.4, after suspending and waking up my PC. I don't know if that problem could be related with those security patches, what do you think?.
I know that I'm just guessing but seems to be some way connected.

I really appreciate all the info you guys have gave me, maybe the fastest solution would be to upgrade my entire OS, but unfortunately it is not a possibility for me now. That's why i'm still asking you questions about other possible solutions..
Thank you very much for your time

Post Reply

Return to “Newbie Questions”