Jump to content

Recommended Posts

abarbarian
Posted

Intel & AMD Devs Address Bad Linux Kernel Code From Microsoft Dev

 

Quote

Intel and AMD developers fixed a major issue in the Linux 6.13 release, an issue that was caused by a bad commit from a Microsoft developer.

 

Quote

Unfortunately, the code interfered with Control Clow Integrity (CFI), an anti-malware feature that is critical to maintaining Linux security.

 

Quote

Performance should not come at the expense of security, which is exactly what would have happened if this patch had slipped through.

 

Luckily linux devs are on the ball, spotting the mistake and stopping it. 😎

  • +1 1
abarbarian
Posted
19 hours ago, securitybreach said:

And even stopping it before 6.13 stable was released. https://kernel.org/

 

Yes the kernel devs were certainly on the ball in stopping its inclusion. However it raises the question of how it got there in the first place and why it still remains in place albeit disabled. 🧐

 

Intel, AMD engineers rush to save Linux 6.13 after dodgy Microsoft code change

 

Quote

Microsoft is notable for dubious quality control standards regarding releases of its flagship operating system, Windows. That one of its engineers should drop some dodgy code into the Linux kernel is not hugely surprising, and the unfortunate individual is not the first and will not be the last to do so, regardless of their employer.

 

Quote

However, the processes that allowed it to remain in the build this close to public release will be a concern. While it is amusing that engineers from both Intel and AMD were involved in dealing with the issues arising from the contribution of a Microsoft engineer, and the problem never reached the stable release, it is concerning. Petkov will not be the only one wondering how the change made it in without a review by the Linux x86/x86_64 maintainers.

 

Letting Microsoft anywhere near the linux kernel or the linux world was always a recipe for disaster. All Microsoft care about is money and how to get it at any cost. Penguins beware. 😎

  • Agree 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...