Announcement

Collapse
No announcement yet.

Ubuntu 19.10's Kernel Ships With A DoS / Arbitrary Code Execution Bug In The IPv6 Code

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ubuntu 19.10's Kernel Ships With A DoS / Arbitrary Code Execution Bug In The IPv6 Code

    Phoronix: Ubuntu 19.10's Kernel Ships With A DoS / Arbitrary Code Execution Bug In The IPv6 Code

    If you are planning to run the newly-released Ubuntu 19.10, among the initial round of stable release updates is an important kernel fix...

    http://www.phoronix.com/scan.php?pag....10-Kernel-Bug

  • #2
    This is why distro's should release on stable kernels with CI. Can't believe it's still not standard practice. Ubuntu's April release cycles follow exactly 4-5 months after a stable LTS release so you would think that it's a no-brainer.

    Comment


    • #3
      Originally posted by LoveRPi View Post
      This is why distro's should release on stable kernels with CI. Can't believe it's still not standard practice. Ubuntu's April release cycles follow exactly 4-5 months after a stable LTS release so you would think that it's a no-brainer.
      and what about the hardware enablement and new kernel features and fixes? IMO the status quo is correct

      Comment


      • #4
        One of the very first things I do on any Linux install is add "ipv6.disable=1" to the kernel boot options.

        Comment


        • #5
          Originally posted by linner View Post
          One of the very first things I do on any Linux install is add "ipv6.disable=1" to the kernel boot options.
          I'm not sure that's something to be proud of, given how much the world has dragged its heels on IPv6 adoption, even as we see things like carrier-grade NAT becoming more necessary.

          Comment


          • #6
            Originally posted by linner View Post
            One of the very first things I do on any Linux install is add "ipv6.disable=1" to the kernel boot options.
            Amazingly bold to say just days after the RIPE NCC announced they have no IPv4 to sell anymore.

            Comment


            • #7
              Originally posted by linner View Post
              One of the very first things I do on any Linux install is add "ipv6.disable=1" to the kernel boot options.
              I agree, if you have no use for ipv6, disable it. Why would you want to have (probably unconfigured) interfaces you're not paying any attention to?

              I have dedicated, static IPV4 addresses, both with ISP and datacenters and nobody is going to be snatching them away.

              Comment


              • #8
                Originally posted by linner View Post
                One of the very first things I do on any Linux install is add "ipv6.disable=1" to the kernel boot options.
                Advertising you're a moron is not something to be proud of.

                Comment


                • #9
                  Originally posted by brad0 View Post

                  Advertising you're a moron is not something to be proud of.
                  Then please don't yourself. Someone is not a moron for disabling ipv6 support if they don't have access to ipv6.

                  If your ISP doesn't offer IPV6 addresses to you as a customer in 2019 (yes, I promise we exist and still they drag their heels), the only way you can make use of an ipv6 address is via some method of v4->v6 tunnelling - and why would you want to do that apart from to compare the two or add extra steps/latency?

                  Comment


                  • #10
                    I see why it is recommended to stick with an LTS release nowadays. The 6 month release just don't seem to get the testing needed it would appear.

                    Comment

                    Working...
                    X