There’s another great reason to update to 64-bit Linux now

32-bit Linux won’t see an important security fix

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Anyone still considering whether to update to 64-bitLinux kernelsnow has another big motivation after it was revealed 32-bit editions won’t be getting a major security fix.

Intel’s Pawan Gupta recently took to the lore.kernel.org mailing list to answer customer questions, one of which concerned the fix to Retbleed for 32-bit OS’.

“Intel is not aware of production environments that use 32-bit mode on Skylake-gen CPUs. So this should not be a concern.” Intel’s Peter Zijlstra chimed in to add: “Yeah, so far nobody cared to fix 32-bit. If someone realllllly cares and wants to put the effort in I suppose I’ll review the patches, but seriously, you shouldn’t be running 32-bit kernels on Skylake / Zen based systems, that’s just silly.”

Stealing secrets

Retbleed is the latest speculative execution attack, and a variant of the dreaded Spectre vulnerability that was discovered back in 2018. It is tracked as CVE-2022-29900 and CVE-2022-29901, and has already been fixed for the 64-bit versions.

Earlier this month, two researchers from ETH Zurich discovered itallows abusers access to kernel memory, and given the nature of the flaw, fixing it also means slowing the chips down. “When computers execute special calculation steps to compute faster, they leave traces that hackers could abuse,” the researchers said.

These traces can be exploited, the researchers further found, giving threat actors unauthorized access to any information in the targetendpoint, which includes encryption keys, passwords, and other secrets.

Here’s another good reason never to use cracked software>Linux kernel team has conquered Retbleed, Torvalds says>Keep your devices safe with the best antivirus solutions right now

The flaw is particularly risky in cloud environments, the researchers further said, where multiple companies share the same systems. In other words, one vulnerability could expose the secrets of multiple companies.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The National Center for Cyber Security in Bern, Switzerland considers the vulnerability serious because the affected processors are in use worldwide, the researchers sad.

Via:Tom’s Hardware

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

‘That was never the plan’: Arcane creators dismiss claims that the hit Netflix show was going to run for five seasons