Comment # 13 on bug 1161832 from
Created attachment 829601 [details]
with kernel-pae

> It really looks like you should use more secure kernel-pae (NX), not kernel-default.

I was using the kernel which the OS installer suggested. I wasn't aware that a
better option exists and that PAE is relevant for a computer which doesn't
support more than 2GB of RAM. I know what PAE means but I never know it is
"more secure".

> Doesn't it work for you? Could you try it? It won't fix this problem, though.

I installed it and it seems to work (see attachment).

Now there is a mitigation for L1TF and Meltdown. Unfortunately the other
vulnerabilities remain. The bug reported here remains with kernel-pae too.
(also seen in the attachment)

Questions:

- Why doesn't the OS installer suggest kernel-pae if the CPU supports PAE? Is
this another bug/issue to report?

- Could you please suggest a solution for mitigation of the other
vulnerabilities? (I realize this is "off-topic" but I would very very much
appreciate an advice. Please feel free to email me directly if you think it is
more appropriate or direct me to a proper place to ask/read).


You are receiving this mail because: