Linux 5.14 offers new security protections

Linux on a blue background with a circuit-board-like graphic
(Image credit: Shutterstock)

Version 5.14 of the Linux kernel shipped over the weekend, featuring new protections against the Spectre and Meltdown attacks that threatened Intel CPU security.

A secret feature enables developers to create memory areas available only to the application that owns them, blocking even the kernel from monitoring them. This is useful to hold sensitive data, such as encryption keys.

Another secure feature is core scheduling. This makes it safer to use hyperthreading, which allows multiple programs to share a single core. Turning off hyperthreading helped prevent the 2019 side-channel attacks but carried a performance hit, which is significant for cloud service providers running thousands of servers.

Core scheduling allows admins to separate sensitive processes in hyperthreading schedules, making it less likely that one process will snoop on another.

The kernel also features improved journaling on EXT4 file systems, offering more protection against information leaks.

Security features aside, the new kernel comes with a range of extra hardware support and enhancements. These include support for Intel's Alder Lake P graphics, and Qualcomm's Adreno 660 GPU. It also features enhancements to the open source AMD GPU drivers, including the ability to hot swap them.

Linux 5.14 also includes support for hardware-based microphones and webcam kill switches on Dell laptops. Over the last few years, Dell has been a staunch Linux supporter, shipping developer versions of its laptops with preinstalled Linux and driver support.


Five questions to ask before you upgrade to a modern SIEM

Do you need a better defense strategy?


The kernel also drops support for legacy integrated device electronics (IDE) storage interfaces, helping to offset the ongoing growth of the code base.

Linus creator, Linus Torvalds, announced the new kernel along with acknowledging the operating system's 30th birthday. "The celebrations will go on for a few more weeks yet, but you all may just need a breather from them," he said.

"And when that happens, I have just the thing for you - a new kernel release to test and enjoy. Because 5.14 is out there, just waiting for you to kick the tires and remind yourself what all the festivities are about."

Those who want early access to the latest kernel can download the source code and compile it themselves. Otherwise, Linux distributions will begin adopting 5.14 over time.

Distributions either come as time-based releases, with period increments that roll up collections of features including the kernel, or rolling releases that update more frequently with new features. Examples of the former include Ubuntu, while Arch is a rolling release distribution.

Danny Bradbury

Danny Bradbury has been a print journalist specialising in technology since 1989 and a freelance writer since 1994. He has written for national publications on both sides of the Atlantic and has won awards for his investigative cybersecurity journalism work and his arts and culture writing. 

Danny writes about many different technology issues for audiences ranging from consumers through to software developers and CIOs. He also ghostwrites articles for many C-suite business executives in the technology sector and has worked as a presenter for multiple webinars and podcasts.