GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Embed Notice

HTML Code

Corresponding Notice

  1. Embed this notice
    Matt "msw" Wilson (msw@mstdn.social)'s status on Thursday, 11-Sep-2025 14:10:06 JSTMatt "msw" WilsonMatt "msw" Wilson
    in reply to
    • daniel:// stenberg://
    • Greg K-H
    • Jacques Chester

    @jacques @bagder @gregkh I'd really love to have some public database that would help us all collectively make more efficient resource allocation decisions.

    Let's take CVE-2025-38352 for example. CISA added it to the KEV because Google said that there is evidence of exploitation in the context of Android.

    If you use CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y the fix is not needed.

    Linux distros aren't affected but release "fixes" anyway. https://forums.rockylinux.org/t/rocky-8-10-cve-2025-38352/19590/3

    #PatchAllTheThings! #InfoSec

    In conversationabout 10 months ago from mstdn.socialpermalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: us1.discourse-cdn.com
      Rocky 8.10 - CVE-2025-38352
      OK, I’m busy waiting. Regarding Rocky 9: We also use a machine with kernel 5.14.0-570.37.1.el9. On this machine, the kernel parameter CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y is effective. If I understand correctly, this means that the problem does not occur. Regards
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.