The release of the Linux 4.15 kernel was delayed for over a week, due to the extra time needed to address the Spectre and Meltdown vulnerabilities.

4.15 comes with added security for Intel and AMD CPUs. In the case of AMD, AMD Secure Encrypted Virtualization, which is a hardware AES, is now supported. This new AES instruction set provides extra security at the hardware level with minimal performance loss.

For Intel, User Mode Instruction Prevention is now supported by Linux. It prevents the execution of instructions that’d allow an attacker to access system-wide settings. It is worth noting that this is only enabled when the Current Privilege Level is set to > 0.

Apart from the security patches, the kernel brings a whole new set of features. It comes with a few changes that will make running Linux on NVMe drives smoother, as well as support for RAID 10 in Linux Soft RAID.

It is important to note that we aren’t quite done with Spectre and Meltdown. The vulnerabilities still need to be addressed at other levels of the hardware-software stack.

You can find the full announcement here.

Facebooktwittergoogle_plusredditpinterestlinkedinmail