[Linux-aus] Kernel upgrade needed

Russell Coker russell at coker.com.au
Fri Jan 21 18:00:56 AEDT 2022

TLDR: For a typical user the only thing to do to maintain a secure system with 
normal functionality is to install the latest kernel update.


This explanation of the bug with kernel namespaces is inadequate.  If you 
disable user namespaces then systemd functionality will be impacted.  All 
systemd users are using namespaces without really noticing it, it's not 
limited to people running Docker or similar things.


Above is a bug report related to disabling such functionality.  I encountered 
this issue after installing the hardening-runtime package in Debian which in 
it's default configuration disables such namespaces as a preventative measure.  
Obviously this CVE proved the benefit in the hardening-runtime package but 
also maintaining system functionality is a good thing.

For Debian/Bullseye the package linux-image-5.10.0-11-amd64 has the fix for 

My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/

More information about the linux-aus mailing list