The latest version of Jetson Linux still appears to use 5.10.104 when upstream has moved onto 5.10.183. Are there any plans or guarantees as to when Nvidia will pull in or rebase onto upstream security updates?
Yes, we will contiune upgrading to bew kernel, also with security fix, please refer to SW roadmap from Jetson Roadmap | NVIDIA Developer
Thanks @kayccc . So the plan is to upgrade to the latest minor release for 5.10 in Q4 2023, and no security updates will be applied before that?
We will include the security fix also if there is the critical one.
Is there any security issue at current release?
@kayccc while the patch versions also include stability enhancements, generally if you aren’t on the latest patch version you can assume there are known security issues. One issue I found spot checking was CVE-2023-1281, the fix for which removes the tcindex classifier - 18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6 upstream. That was included in 5.10.173.
It would be helpful if Nvidia could go into more details as to exactly what the plan is. Based on releases made so far, my impression is that security fixes will only be supplied for nvidia sourced drivers and upstream fixes will not be applied. Is that correct?
Yes, we will pick up fixes for these issues as part of minor kernel version updates but I don’t know the time line of it now.
All our security related information/fix can be found from NVIDIA Product Security | NVIDIA
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.