Are all Linux vendor kernels insecure? A new study says yes, but there's a fix

All #vendor #kernels are plagued with #security #vulnerabilities, according to a CIQ whitepaper. Will the #Linux community ever accept #upstream #stable kernels?

In a new white #paper, Vendor Kernels, Bugs and Stability, the infrastructure software and Rocky Linux company CIQ presents a compelling argument that Linux vendor kernels are plagued with security vulnerabilities due to the flawed engineering processes that backport fixes.

While this may shock some, it's an open secret in the Linux community. As Greg Kroah-Hartman, Linux stable kernel maintainer and a prominent member of the kernel security team, recently said: To be secure, you should always use the #latest #long-term stable kernel. The key word here is "latest." It's not enough to use an LTS. You must use the most up-to-date release to be as secure as possible.

https://www.zdnet.com/article/are-all-linux-vendor-kernels-insecure-a-new-study-says-yes-but-theres-a-fix/