grsecurity - The Reports of CVE's Death Have Been Greatly Exaggerated
grsecurity.net
A prominent Linux kernel developer wants to replace CVE's use on the kernel by rebranding another kind of identifier that has been around for years. We look into why that's unlikely to happen any time soon.

This basically means that fixes for most security vulnerabilities are not be able to be back-ported to LTS kernels but on the other side around stable releases contain all security fixes made so far.

In other words, use stable Kernels over LTS, whenever possible, assuming everything works for you and there are no specific circumstances such as working in an environment where you have no control over the Kernel - limited access etc.

  • @isleofmist@lemmy.ml
    12 years ago

    In other words, use stable Kernels over LTS, whenever possible

    I think this is generally good advice, not just for security. Latest stable kernel is usually more stable and less buggy than the latest LTS.