• Kernel 6.18.1 Security Report

    From Farley Flud@fflud@gnu.rocks to comp.os.linux.advocacy on Sat Dec 13 16:23:52 2025
    From Newsgroup: comp.os.linux.advocacy

    I do beg your pardons, but I have forgotten to provide a security
    report after updating my kernel to 6.18.1.

    Well, here it is. Look for the term "Vulnerable:"

    [~]# grep . /sys/devices/system/cpu/vulnerabilities/*
    /sys/devices/system/cpu/vulnerabilities/gather_data_sampling:Vulnerable: No microcode
    /sys/devices/system/cpu/vulnerabilities/ghostwrite:Not affected
    /sys/devices/system/cpu/vulnerabilities/indirect_target_selection:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/itlb_multihit:Processor vulnerable
    /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
    /sys/devices/system/cpu/vulnerabilities/mds:Not affected
    /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
    /sys/devices/system/cpu/vulnerabilities/mmio_stale_data:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/old_microcode:Not affected
    /sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling:Not affected
    /sys/devices/system/cpu/vulnerabilities/retbleed:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow:Not affected
    /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable: __user pointer sanitization and user
    /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable; IBPB: disabled; STIBP: disabled; PBR
    /sys/devices/system/cpu/vulnerabilities/srbds:Vulnerable: No microcode
    /sys/devices/system/cpu/vulnerabilities/tsa:Not affected
    /sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
    /sys/devices/system/cpu/vulnerabilities/vmscape:Vulnerable

    Holy godzilla mutherfuckers! That list just gets longer with every
    new release.

    This is for a Xeon W 1270P processor. Note how I am vulnerable
    EVERYWHERE.

    If each mitigation would reduce performance by a measly 1%, we would
    need to multiply that figure by the length of this list which amounts
    to 19%. The reality is probably much higher.

    Whew! Only a retarded fool would enable mitigations.
    --
    --- Synchronet 3.21a-Linux NewsLink 1.2
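
An added example, not part of the original post: a small triage helper for the `grep .` report shown above. It sorts each sysfs entry into not affected, mitigated, partially mitigated or vulnerable, so the entries that need action stand apart from those the CPU is not subject to. The first five sample lines are copied from the post; the two `Mitigation:` lines are constructed to show the other status forms the kernel can report.

```shell
#!/bin/sh
# Triage output of: grep . /sys/devices/system/cpu/vulnerabilities/*

classify_vulns() {
    # stdin: "<path>/<name>:<status>" lines; stdout: one row per entry + SUMMARY.
    awk '
    {
        sep = index($0, ":"); if (sep == 0) next   # sysfs paths contain no colon
        n = split(substr($0, 1, sep - 1), p, "/"); name = p[n]
        status = substr($0, sep + 1)
        low = tolower(status)
        if (status ~ /^Not affected/)            cls = "not_affected"
        else if (status ~ /^(KVM: )?Mitigation/) cls = (low ~ /vulnerable/) ? "partial" : "mitigated"
        else if (low ~ /vulnerable/)             cls = "vulnerable"
        else                                     cls = "unknown"
        c[cls]++
        printf "%-12s %-26s %s\n", cls, name, status
    }
    END {
        printf "SUMMARY not_affected=%d mitigated=%d partial=%d vulnerable=%d unknown=%d\n",
            c["not_affected"], c["mitigated"], c["partial"], c["vulnerable"], c["unknown"]
    }'
}

post_lines() {        # subset of the lines quoted in the post
    d=/sys/devices/system/cpu/vulnerabilities
    cat <<EOF
$d/gather_data_sampling:Vulnerable: No microcode
$d/itlb_multihit:Processor vulnerable
$d/meltdown:Not affected
$d/spectre_v2:Vulnerable; IBPB: disabled; STIBP: disabled; PBR
$d/tsx_async_abort:Not affected
EOF
}

constructed_lines() { # constructed sample, not from the post: mitigated forms
    d=/sys/devices/system/cpu/vulnerabilities
    cat <<EOF
$d/mds:Mitigation: Clear CPU buffers; SMT vulnerable
$d/l1tf:Mitigation: PTE Inversion
EOF
}

sample_report() { post_lines; constructed_lines; }

# On a live host: grep . /sys/devices/system/cpu/vulnerabilities/* | classify_vulns
sample_report | classify_vulns
```

A `partial` row means the kernel applied a mitigation but still reports residual exposure in the same string, as in the SMT case in the constructed sample.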
  • From Joel W. Crump@joelcrump@gmail.com to comp.os.linux.advocacy on Sat Dec 13 11:36:59 2025
    From Newsgroup: comp.os.linux.advocacy

    On 12/13/25 11:23 AM, Farley Flud wrote:

    I do beg your pardons, but I have forgotten to provide a security
    report after updating my kernel to 6.18.1.

    Well, here it is. Look for the term "Vulnerable:"

    [~]# grep . /sys/devices/system/cpu/vulnerabilities/*
    /sys/devices/system/cpu/vulnerabilities/gather_data_sampling:Vulnerable: No microcode
    /sys/devices/system/cpu/vulnerabilities/ghostwrite:Not affected
    /sys/devices/system/cpu/vulnerabilities/indirect_target_selection:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/itlb_multihit:Processor vulnerable
    /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
    /sys/devices/system/cpu/vulnerabilities/mds:Not affected
    /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
    /sys/devices/system/cpu/vulnerabilities/mmio_stale_data:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/old_microcode:Not affected
    /sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling:Not affected
    /sys/devices/system/cpu/vulnerabilities/retbleed:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow:Not affected
    /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
    /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable: __user pointer sanitization and user
    /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable; IBPB: disabled; STIBP: disabled; PBR
    /sys/devices/system/cpu/vulnerabilities/srbds:Vulnerable: No microcode
    /sys/devices/system/cpu/vulnerabilities/tsa:Not affected
    /sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected
    /sys/devices/system/cpu/vulnerabilities/vmscape:Vulnerable

    Holy godzilla mutherfuckers! That list just gets longer with every
    new release.

    This is for a Xeon W 1270P processor. Note how I am vulnerable
    EVERYWHERE.

    If each mitigation would reduce performance by a measly 1%, we would
    need to multiply that figure by the length of this list which amounts
    to 19%. The reality is probably much higher.

    Whew! Only a retarded fool would enable mitigations.


    You are so completely insane that you spend time on this obsessing.
    When the machine works in my favor, I sense that. I don't need to
    unscrew every part, reattach every wire, Jesus fucking Christ get a
    life, dude.
    --
    Joel W. Crump
  • From Stéphane CARPENTIER@sc@fiat-linux.fr to comp.os.linux.advocacy on Sat Dec 13 17:56:03 2025
    From Newsgroup: comp.os.linux.advocacy

    On 13-12-2025, Farley Flud <fflud@gnu.rocks> wrote:
    I do beg your pardons, but I have forgotten to provide a security
    report after updating my kernel to 6.18.1.

    No need for that: you already proved you know nothing about security.

    Whew! Only a retarded fool would enable mitigations.

    You see? Without your comment a new reader could have imagined you have
    some clue, but you just ruined it.
    --
    If you have time to waste:
    https://scarpet42.gitlab.io