Linus Torvalds has published the final release milestone of Linux 4.13 kernel. While the new release is not as big as its previous version, it comes with some significant security enhancements and bug fixes.
One of the most important security issue fixed in Linux 4.13 is related to the generic protocol. The fix changes the system’s default CIFS (Common Internet File System) behaviour. Instead of defaulting to SMB 1.0, the default CIFS is now set to rather modern SMB 3.0. This is a much-needed fix as SMB1 is no longer in use.
“Now, because you shouldn’t have been using SMB1 anyway, this shouldn’t affect anybody. But guess what? It almost certainly does affect some people because they blithely continued using SMB1 without really thinking about it,” Torvalds writes in a mailing list announcement.
Prominently, SMB1 is flagged as insecure for a long time. Even Microsoft’s Windows recently warned users about using SMB1 for file sharing. Some of the high-profile ransomware attacks, including WannaCry and NotPetya, leveraged the vulnerable SMB1 to carry out the attacks.
In the announcement, Torvalds also mentions the reason behind the delay. The Linux creator is down with kidney stone issue. Torvalds has been facing health issues since last seven release candidate versions.
New tweaks for wider support
The final build of Linux 4.13 additionally includes features all-new Kernel Transport Layer Security (KTLS) implementation. This new layer offers improved performance of HTTPS encryption. The TLS encryption is handled outside of Linux kernel in most cases, but the new layer will offer new opportunities for TLS optimisation.
Linux 4.13 also includes support for Intel’s Cannon Lake and Coffee Lake CPUs. Plus, the new kernel version actives the EXT4 file system by default.