An Ubuntu kernel bug causes container crashes
Posted Jul 11, 2022 9:38 UTC (Mon) by ballombe (subscriber, #9523)
In reply to: An Ubuntu kernel bug causes container crashes by wtarreau
Parent article: An Ubuntu kernel bug causes container crashes
In particular, the current stable kernel needs to contain 2000 bugs so that when it will be EOLed, it will miss 2000 fixes. In particular, "some will corrupt data, cause random hangs, disconnect your WiFi during an audio conf, make your screen disappear after resume, leave phantom USB devices after some errors, let an intruder escalate privileges on your machine, etc."
This is not reassuring.
Posted Jul 11, 2022 16:54 UTC (Mon)
by wtarreau (subscriber, #51152)
No but one thing is certain, it will not magically fix all those that are discovered daily and that affect it.
> In particular, the current stable kernel needs to contain 2000 bugs so that when it will be EOLed, it will miss 2000 fixes.
Maybe more maybe less, who knows.
> > In particular, "some will corrupt data, cause random hangs, disconnect your WiFi during an audio conf, make your screen disappear after resume, leave phantom USB devices after some errors, let an intruder escalate privileges on your machine, etc."
But that's why there are LTS kernels for those who want to stick as long as possible to what works best for them. Some people only deploy a kernel on sensitive systems after one year, so that most of the recent regressions are out of the way. I personally deploy new LTS kernels on my laptop so that I can spot changes or bugs early, and have time to get them fixed before these kernels need to reach servers. That's reasonable.
Posted Jul 11, 2022 18:16 UTC (Mon)
by farnz (subscriber, #17727)
The trouble is that stable kernels do contain bugs all over the shop, some of which are exploitable. So the question becomes not "are there bugs in my EOL kernel?", to which the answer is definitely "yes", but "are the bugs in my EOL kernel of concern to me, given that I do not know the scope and impact of the bugs in my kernel?", which is a much harder question to answer.
And it's made exponentially harder by regressions in newer kernels which means that there's no good answer - do you take a newer kernel that fails to boot one time in 10 because your PCIe GPU is left in a bad state by firmware, or stick to the older kernel that has a remotely exploitable bug that you don't know about that lets an intruder escalate privileges on your machine.
Ideally, there would simply not be regressions in the kernel, so updating would always be the right thing to do. But that's not the world we live in; my experience is that I'm better off taking Linus's recent release, finding regressions and reporting them ASAP (so that the bug reports go to people who've been working in the right bits of the kernel recently, and bisect is often possible in reasonable time) than putting off updates for as long as possible and then reporting a huge number of regressions in one go, but other people will have had other experiences.
Posted Jul 12, 2022 4:30 UTC (Tue)
by wtarreau (subscriber, #51152)
For sure the best way not to know about bugs is to use an EOL version that doesn't receive fixes.
> This is not reassuring.