Chrome OS Vulnerability

55 views
Skip to first unread message

Qop

unread,
Aug 11, 2018, 1:17:34 AM8/11/18
to Chromium OS Discussion
is SegmentSmack affect chrome OS ?
it is say that Linux kernel 4.9 and up.

Mike Frysinger

unread,
Aug 11, 2018, 1:22:15 AM8/11/18
to idot...@gmail.com, Chromium OS discuss
yes, CVE-2018-5390 affects CrOS, but the fixes have already been deployed to R68/R69/R70, and we don't consider it a big deal as it's "only" a DoS.  a reboot of the system (which is fast on CrOS) is enough to recover.

https://crbug.com/866800 tracked it (although it's still restricted and will auto-open after a timeout).
-mike

On Sat, Aug 11, 2018 at 1:17 AM Qop <idot...@gmail.com> wrote:
is SegmentSmack affect chrome OS ?
it is say that Linux kernel 4.9 and up.

--
--
Chromium OS Discussion mailing list: chromium-...@chromium.org
View archives, change email options, or unsubscribe:
https://groups.google.com/a/chromium.org/group/chromium-os-discuss

Selden Deemer

unread,
Aug 11, 2018, 8:52:30 AM8/11/18
to Chromium OS Discussion, idot...@gmail.com
No auto-open after 1 minute of waiting:

Mike Frysinger

unread,
Aug 11, 2018, 9:39:29 AM8/11/18
to Selden, Chromium OS discuss, idot...@gmail.com
it'll be a few weeks

--

Qop

unread,
Aug 11, 2018, 2:03:41 PM8/11/18
to Chromium OS Discussion
i have another question:

if chrome OS always try to use the newest Linux kernel to meet the new hardware recommendation doesn't make chrome OS or cloudready less secure ?
and as you can see in  cvedetails  .COM  linux kernel is quite buggy.

RHEL is one of the secure OS  in the market and they use in RHEL 7.5  Linux kernel 3.10.   


if It is not the place for it ignore this question.
if i concern about exploit base attacks which of the two OS would you recommend me ?

Ryan Gonzalez

unread,
Aug 11, 2018, 3:43:16 PM8/11/18
to idot...@gmail.com, Chromium OS Discussion
I kind of feel like you're comparing apples and oranges... Realistically, Linux isn't particularly buggier than any other kernel with the breadth and capabilities that it has. 

AFAIK RHEL doesn't really use old kernel releases for security; in fact, backporting security patches should (in theory) be able to have more bugs. The older kernels are just more stable, since RHEL users don't really want anything breaking from a kernel upgrade. As for Chrome OS, all people really run is...well, Chrome, so there's not really any concern from that. 

--
--
Chromium OS Discussion mailing list: chromium-...@chromium.org
View archives, change email options, or unsubscribe:
https://groups.google.com/a/chromium.org/group/chromium-os-discuss
---
You received this message because you are subscribed to the Google Groups "Chromium OS Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-os-dis...@chromium.org.
--

Ryan (ライアン)
Yoko Shimomura, ryo (supercell/EGOIST), Hiroyuki Sawano >> everyone else
https://refi64.com/

Reply all
Reply to author
Forward
0 new messages