Extra release
An updated version of the latest stable release – 2022011701b – has just been pushed out. The only difference is that the INF_TEST
kernel for Ubuntu is now the latest version – 5.4.0-96.109
– which resolves a high priority security issue.
That test version of the kernel can be requested by defining the ED_KERNEL_INF_TEST
macro at the top of an LCFG profile. This fixes a
high priority issue – CVE-2022-0185, USN-5240-1. We will make this the default INF
kernel for Ubuntu in the stable release next week.
Alternatively, the recommended mitigation is to set a kernel sysctl which can be done like this:
LCFG_KERNEL_SYSCTL(userns_clone,kernel.unprivileged_userns_clone,0)
There’s a strong argument for that being the default setting with it only turned on where required.
Extra release / LCFG Project by blogadmin is licensed under a Creative Commons Attribution CC BY 3.0
Recent comments