The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel. In addition to the new features, some versions of the patch contain various security fixes. The "hardening" features of the patch, while not a complete method of protection, provide an extra layer of security against the easier ways to exploit certain classes of vulnerabilities and/or reduce the impact of those vulnerabilities. The patch can also add a little bit more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing.
|Tags||Security Operating System Kernels Linux Systems Administration|
|Licenses||GPL LGPL Public Domain|
|Operating Systems||POSIX Linux|
Release Notes: The patch has been updated to Linux 126.96.36.199. A post-188.8.131.52 upstream fix for FAT filesystems has been added. The FAQ has been updated.
Release Notes: The patch has been updated to Linux 184.108.40.206.
Release Notes: The patch has been updated to Linux 220.127.116.11. A fix for a typographical error in one of the information leak fixes included into 18.104.22.168 has been added.
Release Notes: Besides being an update to the 22.214.171.124 kernel release, this revision of the patch adds a fix for the sigaltstack local information leak affecting 64-bit kernel builds (CVE-2009-2847).
Release Notes: The patch has been updated to Linux 126.96.36.199, which integrates a replacement for the "personality" hardening measure introduced in 188.8.131.52-ow1.