Re: Kernel support for i.MX6UL and 4.9 LTS updates
On 1/9/2020 2:14 PM, Otavio Salvador wrote:
On Thu, Jan 9, 2020 at 5:08 PM Jesse Gilles <jesse.gilles@...> wrote:On Thu, Jan 9, 2020 at 11:18 AM Clay Montgomery <clay@...> wrote: Hm, I don't agree. If an embedded Linux device uses Wi-Fi and Bluetooth communications, won't vulnerabilities affecting those parts of the kernel need to be patched? Examples: https://www.linuxkernelcves.com/cves/CVE-2019-17133 https://www.linuxkernelcves.com/cves/CVE-2019-16746 https://www.linuxkernelcves.com/cves/CVE-2019-9506 I believe some of these could be exploitable without accessing the device or gaining local privileges.I agree with you Jesse and that's why we've been moving most of our customers to Linux mainline. Most vendor BSP does not have stable updates.
It depends in your target application/market. If anyone can connect to your device with Wi-Fi or Bluetooth, then obviously security is a lot more important.
But, consider the digital signage player market, for example, where it's actually an advantage over Windows and Android devices to never require updates.