TimHolus blog - The gibberish of a madman

Teflon is the material- fohh the Imperial

508395538_1129336579226703_611714912112690990_n1242×1414 218 KB

Teflon is supposedly not problematic, but C8 and similar are silent death. In addition, mass poisoning of people on the entire planet in millions of different ways for decades.

I thought, VIM is the PC-Speaker test application for *nix

Fixed in kernel 5.11? Maybe?

So just need to make sure the kernel is less than 2 years old?

Sounds silly for home users, but I can see people running very old systems needing to know

Also, talk about responsible disclosure; fix 2 years before wide publication…

And, even some mainstream kernels might be old too…

I know a ton of machines that still have 4.9.*

eeep!

This was a great explanation.

RHEL 8, right? RHEL 9 should be on 5.xx now on average I think. But was this getting backported?

Paradoxically no, it’s Debian’s 9.13

If I understand correctly, the bug is present from 5.11 to probably 6.1.9 or something like that.

The Red Hat Enterprise Linux 8.4 and before not affected, because the patch that introduced the bug exists starting from 8.6.

Well then it is a human fault.

https://security-tracker.debian.org/tracker/CVE-2023-0386

This shows the fix for the CVE was backported to all still supported version, Debian 9.13 is EOL sind 2020 afaik though so if you run EOL software you’ll get security issues.

I can talk and repeat and people in high positions know their stuff “better” than me and…
Not my problem… I’m not paid to worry about it. They have their own sysadm for these machines.

EOL is not a good idea but it also doesn’t magically create a threat in itself. If the sysadm is experienced, the EOL OS can keep it tight.

All my Debian’s are bookworms with 6.x kernels. Only one machine is still bullseye, but it is in the plan for update and for now it is in rolling, with 6.6 kernel but it is a specific ARM machine.

In the queue will also be all Alpine 3.19.7 because the deadline is slowly approaching.

Alright I should not have looked into this … I knew a little about it but I looked at the current regulation in the EU and it is disappointing, not being taken too seriously and most of all not actively being investigated and even though probably one of the tightest regulations world wide not nearly enough and the thought of it will make my sleep worse.