Audit Open Original ↗
Linux Kernel
Type
Security review
Client
—
Date
2021-04
Domain
Crypto
Effort
2 wks
Section
Cryptography Reviews
Trail of Bits's security review of Linux Kernel (Apr 2021) identified 7 issues: 1 medium, 4 low, and 2 informational.
Findings · 7
- 1 Use of smart cards for GPG and SSH not enforced for key individuals Medium
- 2 Recommended smart card does not require touch activation Low
- 3 Lack of documented key management policies and procedures Low
- 4 Lack of public-key authentication resources Informational
- 5 Use of older public-key algorithms and standards within web of trust Informational
- 6 Lack of external integrity validation mechanisms Low
- 7 Lack of SSH key rotation Low
Findings extracted from the published report PDF. See the full report below for details and remediation.
Related
- 2025-10 Zama Audit
- 2025 Cut To The QUIC: Slashing QUIC's Performance With A Hash DoS Talk
- 2025 One, Two, TEE: Trust in Numbers Meets Hardware Security Talk
- 2024 Weak Fiat-Shamir attacks on modern proof systems Talk
- 2024 Building a Rusty path validation library for PyCA Cryptography Talk
- 2024 Implementing X.509 path validation for Python Talk