Skip to content

Releases: MethodWhite/kernel-security-patches

Kernel 6.19.13.parrot.custom+2.0-cachyos (Hardened)

12 May 04:35
@MethodWhite MethodWhite
v2.0
b5f0680

Choose a tag to compare

View all tags
Kernel 6.19.13.parrot.custom+2.0-cachyos (Hardened) Latest
Latest

Kernel 6.19.13.parrot.custom+2.0-cachyos — Hardened

Changes since v1.0

  • CachyOS scheduler with BORE optimizations
  • NVIDIA DKMS fix: patched mutex_destroy GPL export for NVIDIA 550.x compatibility
  • Restored INET_AH, INET_ESP, INET_DIAG, IP_SCTP, RDS, TIPC
  • All prior v1.0 hardening retained (27+ mitigations, Dirty Frag fix, CVE patches)

Install

sudo dpkg -i linux-image-6.19.13-parrot.custom+2.0-cachyos-g372c9ba96bd4-dirty_6.19.13-g372c9ba96bd4-8_amd64.deb \
            linux-headers-6.19.13-parrot.custom+2.0-cachyos-g372c9ba96bd4-dirty_6.19.13-g372c9ba96bd4-8_amd64.deb
sudo update-grub
sudo reboot

Build

See https://github.com/MethodWhite/kernel-security-patches

Assets 5
Loading

Kernel 6.19.13.parrot.custom+1.0 — Hardened

09 May 16:52
@MethodWhite MethodWhite
v6.19.13-parrot-custom+1.0
23040e3

Choose a tag to compare

View all tags
Kernel 6.19.13.parrot.custom+1.0 — Hardened

Custom Hardened Kernel 6.19.13

Linux 6.19.13 with 27+ security hardening options enabled.

Hardening Highlights

  • MODULE_SIG_FORCE — blocks unsigned kernel modules
  • LOCK_DOWN_KERNEL_FORCE_INTEGRITY — kernel lockdown
  • RANDSTRUCT_PERFORMANCE — randomized struct layouts
  • INIT_ON_FREE_DEFAULT_ON — zero memory on free
  • Dirty Frag LPE patched (SKBFL_SHARED_FRAG)
  • CPU mitigations: SLS, RETBLEED, SRSO, GDS, RFDS, Spectre BHI

Install

sudo dpkg -i linux-image-6.19.13.parrot.custom+1.0_1_amd64.deb \
            linux-headers-6.19.13.parrot.custom+1.0_1_amd64.deb
sudo update-grub
sudo reboot

Build

  • GCC 14.2.0
  • Config: Parrot OS amd64 base + hardening overlay
  • Full changelog: kernel-6.19-custom/CHANGELOG.md
Loading