14 DAY TRIAL // As promised, Canonical released a few moments ago the new kernel and Nvidia updates to address the Meltdown and Spectre security vulnerability on all supported Ubuntu Linux releases.
The company said last week in a public announcement that it will patch all supported Ubuntu releases against Meltdown and Spectre security vulnerabilities, and the first set of patches are now available in the stable software repositories of Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) to address some of these issues.
"Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory (CVE-2017-5754)," reads the advisory.
For Ubuntu 17.10, the updated kernel also patches four other security issues related to the Berkeley Packet Filter (BPF) implementation in the Linux kernel, which could allow a local attacker to execute arbitrary code or crash the system by causing a denial of service (CVE-2017-17863, CVE-2017-16995, CVE-2017-17862, and CVE-2017-17864).
Nvidia 384.111 update patches the Spectre flaw
Canonical also released an update for the NVIDIA proprietary graphics drivers to address the Spectre security vulnerability, which could allow a local attacker to expose sensitive information, including kernel memory, on Ubuntu 17.10, Ubuntu 17.04, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. The patch also includes compatibility fixes for corresponding Linux kernel updates.
Canonical urges all Ubuntu users to update their installations immediately to linux-image 4.13.0.25.26 on Ubuntu 17.10, linux-image 4.4.0-108.131 on Ubuntu 16.04 LTS, linux-image 3.13.0.139.148 on Ubuntu 14.04 LTS, linux-image 4.4.0-108.131~14.04.1 on Ubuntu 14.04.5 LTS with Xenial HWE kernel, as well as NVIDIA 384.111 graphics driver.
You'll have to reboot your computer after installing these updates. Canonical provides detailed instructions on how to update your Ubuntu Linux systems at https://wiki.ubuntu.com/Security/Upgrades. The company also recommend you to recompile and reinstall any third-party kernel modules you might have installed. Please update your systems as soon as possible!
Update: Canonical released on January 10, 2018, a kernel update to mitigate the Meltdown security vulnerability for users running the Ubuntu 12.04 ESM (Extended Security Maintenance) release. Users should update to linux-image 3.2.0-132.178 on Ubuntu 12.04 or linux-image-generic-lts-trusty 3.13.0.139.129 on Ubuntu 12.04.5 with the Trusty HWE kernel from Ubuntu 14.04 LTS.
Update 2: Canonical also released on January 10, 2018, a Linux kernel update for Ubuntu 16.04.3 LTS users using the HWE (Hardware Enablement) kernel from Ubuntu 17.10. They are urged to update their systems to linux-image-4.13.0-26-generic 4.13.0-26.29~16.04.2. Additionally, there's now a kernel update for Ubuntu 17.10 for Raspberry Pi 2, versioned linux-image-4.13.0-1011-raspi2 4.13.0-1011.11.
Update 3: Some Ubuntu 16.04 LTS users reported boot issues after installing these kernel updates against Meltdown, so Canonical confirmed the regression today, January 10, 2018, releasing another kernel update that fixes any issues. A Xenial HWE kernel is also available for Ubuntu 14.04.5 LTS users.