[ubuntu-hardened] Linux kernel: old version and system security.
daniel curtis
sidetripping at gmail.com
Wed Nov 2 17:54:14 UTC 2016
Hi and G'day
I hope, that it's a good place to ask another question about Linux kernel.
As we know kernel-team mailing list is used to coordinate and plan kernel
uploads for Ubuntu etc. But my question is related to system security.
So; let say, that after a couple of kernel updates (of course, with plenty
of security issues fixed) there are - for example - three 'old' kernels:
one currently used and and three previous versions. An example:
[~]$ dpkg -l |grep linux-image-3.2 |wc -l
4
What user should do in such situation: he should remove an 'old' kernels
(simple, because they are vulnerable and have unpatched security issues
etc.) or he can keep those kernels as long, as there is enough space on the
/boot partition (if there is such a partition) or, at last when he decide
to do it - remove?
Generally: it is secure to keep more than one, patched kernel? Is there any
chance, that an 'older' kernel versions could affect the safety of the
system? If after kernel update everything is working okay... I see no
reason to keep more than this one. But that's only my personal opinion.
Whether the older kernel versions, can be used in some way by an attacker?
Of course if he manage to break in to the system etc. I apologize for such
naive questions.
Best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20161102/a524eecb/attachment.html>
More information about the ubuntu-hardened
mailing list