Cloud Security, DevSecOps

Linux rolls out security improvements with 5.14 kernel update

Linux on Aug. 29 was updated to its 5.14 kernel version, touting performance and security upgrades benefiting enterprise and cloud users, according to TechCrunch.

Linux Engineering Vice President Mike McGrath said Linux 5.14 includes the core scheduling feature, which is designed to address processor-level vulnerabilities such as Spectre and Meltdown which emerged in 2018, and which Linux users could only mitigate by disabling hyper-threading on their CPUs, which resulted in performance declines.

"The feature helps to split trusted and untrusted tasks so that they don't share a core, limiting the overall threat surface while keeping cloud-scale performance relatively unchanged," McGrath said.

The update also seeks to mitigate a long-existing target area for attackers: system memory. A new capability called memfd_secret () will enable applications running on Linux to create a memory range that cannot be accessed by anyone else, including the kernel.

"This means cryptographic keys, sensitive data and other secrets can be stored there to limit exposure to other users or system activities," according to McGrath.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.