Are all Linux vendor kernels insecure? A new study says yes, but there’s a fix

According to a recent study by CIQ, Linux vendor kernels have security vulnerabilities because of flawed engineering processes. However, there is a solution to this issue.

In the Linux community, it is common knowledge that using the latest long-term stable kernel is crucial for security. According to Greg Kroah-Hartman, a prominent member of the kernel security team, simply using a long-term stable kernel is not enough: to maximize security, it is important to always stay updated with the most recent release.

Keeping software up to date is crucial for security. This is especially important for the Linux kernel, as any bug in the kernel could potentially become a security issue. Google Linux kernel engineer Kees Cook advises vendors to continuously update to the latest kernel release, either major or stable, despite the potential challenges it may bring.

Jonathan Corbet, a Linux kernel developer and editor-in-chief of LWN, has stated that almost any bug in the kernel can be exploited to compromise the system if the attacker is clever enough. The kernel is particularly vulnerable because it is a critical component of the system and can turn ordinary bugs into serious vulnerabilities.

In a recent paper, CIQ engineers Ronnie Sahlberg, Jonathan Maple, and Jeremy Allison have provided evidence to support the claim that almost all vendor kernels are insecure, and that it is impossible to make them secure using current engineering practices. Their research highlights the need for improved security measures in the development of kernels.

monly referred to as the “vendor kernel.”

The vendor kernel is a customized version of the Linux kernel that is maintained by Linux vendors like Red Hat. It is created by taking a snapshot of a specific Linux release and then backporting selected fixes as changes occur in the upstream git tree.

This method was originally designed to accommodate out-of-tree device drivers and aims to enhance stability and security by carefully selecting changes to backport.

In a recent paper, researchers analyzed the change rate and bug count in Red Hat Enterprise Linux (RHEL) 8.8, focusing specifically on kernel version 4.18.0-477.27.1, which is commonly used as the vendor kernel.

The analysis aimed to understand how the vendor kernel works in practice. It examined the rate of changes made to the kernel and the number of bugs encountered.

By studying the vendor kernel, researchers gained insights into its stability and security measures. This research can help Linux vendors further improve their kernel maintenance processes and ensure reliable performance for their customers.
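
One way to audit the selective-backport model described above, as an added example that is not taken from the CIQ paper or from this article: list upstream fixes that are absent from a vendor kernel even though the commit they repair is present in it. It relies on the upstream `Fixes:` tag convention; the log format, the function names and all commit IDs are constructed assumptions.

```python
import re

# Upstream convention: a fix names the commit that introduced the bug,
# e.g.  Fixes: 1a2b3c4d5e6f ("subsys: subject")
FIXES_RE = re.compile(r"^[ \t]*Fixes:\s*([0-9a-f]{8,40})\b", re.MULTILINE)

def parse_upstream_log(text):
    """Map each full commit ID to the abbreviated IDs named in its Fixes: tags.
    Assumed input format: 'commit <sha>' header line followed by the message."""
    commits = {}
    for record in re.split(r"^commit ", text, flags=re.MULTILINE)[1:]:
        sha, _, message = record.partition("\n")
        commits[sha.strip()] = FIXES_RE.findall(message)
    return commits

def missing_fixes(upstream, snapshot, backported):
    """Return (fix_sha, fixed_targets) for upstream fixes the vendor kernel lacks
    while at least one commit they fix is in the snapshot or was backported."""
    present = set(snapshot) | set(backported)
    gaps = []
    for sha, targets in upstream.items():
        if sha in present:
            continue  # fix already shipped by the vendor
        # Fixes: tags carry abbreviated IDs, so match by prefix.
        hit = [t for t in targets if any(p.startswith(t) for p in present)]
        if hit:  # buggy code is in the vendor kernel, its fix is not
            gaps.append((sha, hit))
    return gaps

# Constructed sample data: seven fake upstream commits.
A, B, C, D, E, F, G = (ch * 40 for ch in "abcdef9")
UPSTREAM_LOG = f"""\
commit {A}
net: add feature (in the vendor snapshot)
commit {B}
fs: add feature (later backported)
commit {C}
net: fix leak
Fixes: {A[:12]} ("net: add feature")
commit {D}
fs: fix race
Fixes: {B[:12]} ("fs: add feature")
commit {E}
mm: add feature (never backported)
commit {F}
mm: fix overflow
Fixes: {E[:12]} ("mm: add feature")
commit {G}
net: fix use-after-free
Fixes: {A[:12]} ("net: add feature")
"""
```

The fix for the never-backported feature is deliberately not reported: the vendor kernel does not contain the code it repairs.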
In the latest update from the technology industry, the website has released a new upstream kernel. This update, version 1800, brings several improvements and enhancements to the existing kernel. Users can now compare their current kernel with the latest version to see if any updates are necessary.