Hey all, I have a 32GB Orange Pi 5 + I use to run a bunch of docker containers. I was reading through the github issue about CVE-2026-31431 (“Copy-Fail”) and saw this:
for RK3588 SBCs, one would need to switch to mainline Linux, which is strongly
recommended anyway (and includes tons of more closed CVEs since 6.1.115),
unless certain features are needed, e.g. missing WiFi driver for some of
the Orange Pi 5 variants.
and figure that given that I am not using anything beyond the ethernet PHY and the CPU, there’s no reason to continue running a very old vendor kernel, I just stuck with what diet pi came with when I switched from Armbian. That said, I am not sure what the “right” way to do this in diet pi land is and want to avoid breaking anything or making upgrades a nightmare later.
Side note: if I hadn’t gotten this board for well under retail a year or so ago, I would be furious at how bad rockchip hardware support is. I am annoyed as it is but given that they are listed at $499 some places… yikes.
Thanks in advance!