Users are urged to update their systems immediately

Jan 23, 2018 08:46 GMT  ·  By

Canonical published today a new set of kernel updates for all of its supported Ubuntu Linux releases that include patches for the Spectre and Meltdown security vulnerabilities.

After pulling Intel's microcode firmware update from the software repositories of Ubuntu 17.10, 16.04 LTS, and 14.04 LTS, Canonical now released the Spectre patches for all supported Ubuntu Linux releases, including all official flavors and those using HWE (Hardware Enablement) kernels, and Meltdown kernel patches for PowerPC (PPC64el) architectures.

The new kernel patches address the Spectre security flaw (CVE-2017-5753, CVE-2017-5715) for the i386, amd64, PPC64el, and s390x architectures on Ubuntu 17.10 and Ubuntu 16.04 LTS, including for Ubuntu 16.04.3 LTS users using the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 and Ubuntu 14.04.5 LTS users using the HWE kernel from Ubuntu 16.04 LTS.

On the other hand, Ubuntu 14.04 LTS users received Spectre mitigations only for i386 and amd64 architectures. Same goes for Ubuntu 12.04 ESM (Extended Security Maintenance) systems using the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS.

"Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory," read the security advisories.

Meltdown patches for PowerPC are now available

Canonical also included patches to fix the Meltdown vulnerability (CVE-2017-5754) for the PPC64el (PowerPC 64-bit Little Endian) hardware architecture on Ubuntu 17.10 (Artful Aardvark) and Ubuntu 16.04 LTS (Xenial Xerus), as well as for Ubuntu 14.04.5 LTS systems using the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS.

Users are urged to update their systems to linux-image 4.13.0.31.33 on  Ubuntu 17.10, linux-image 4.4.0.112.118 on Ubuntu 16.04 LTS, linux-image 3.13.0.141.151 on Ubuntu 14.04 LTS, linux-image-4.13.0-31 4.13.0-31.34~16.04.1 on Ubuntu 16.04.3 LTS (HWE), linux-image-4.4.0-111 4.4.0-111.134~14.04.1 on Ubuntu 14.04.5 LTS (HWE), and linux-image-3.13.0-140-generic 3.13.0-140.189~precise1 on Ubuntu 12.04 ESM.

To update your system, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Usually, running the "sudo apt-get update && sudo apt-get dist-upgrade" command in the Terminal app does it. Keep in mind that you will need to reboot your computer after installing the new kernel versions, and check to see if your PC is still vulnerable to Spectre and Meltdown attacks.