14 DAY TRIAL // SUSE's Matthias G. Eckermann and Marcus Meissner have released statements today regarding the recently disclosed Meltdown and Spectre CPU vulnerabilities that affect us all.
Like almost all operating systems out there, SUSE Enterprise Linux (SLE) and OpenSuSE (Leap and Tumbleweed) are also affected by these serious hardware bugs that could allow unprivileged attackers to steal sensitive data from kernel memory using malicious apps, and patches are coming shortly.
"SUSE engineers have been working with other hardware and operating systems vendors to prepare patches to mitigate these flaws over the last weeks and have been preparing updates. As the embargo was lifted last night, we could now also start openSUSE updates," says Marcus Meissner in an announcement.
openSUSE Leap 42.2 and 42.3, SLE 12 SP2 and SP3, and Tumbleweed will all be patched soon
According to Matthias G. Eckermann, SUSE is now ready to release patches to mitigate the Meltdown and Spectre CPU vulnerabilities for the SUSE Linux Enterprise (SLE) 12 SP2 and SP3 operating systems, which shares the kernel codebase with openSUSE Leap 42.2 and openSUSE Leap 42.3.
This means that openSUSE Leap 42.2 and openSUSE Leap 42.3 users will soon received the same kernel updates as SUSE Linux Enterprise 12 once the new kernel versions have been built successfully and pass a quick openQA check. On the other hand, the openSUSE devs are currently in the process of porting the new patches to the openSUSE Tumbleweed repos.
openSUSE Tumbleweed is powered by the newer Linux 4.14 kernel series, and users will shortly be able to install Linux kernel 4.14.11, which contains patches for the Meltdown vulnerability, but to also fix one of the three variants of the Spectre flaw, these kernel updates will be accompanied by new versions of kernel-firmware, ucode-intel, and qemu packages.
As expected, users are urged to update their systems and install the new kernel, qemu, ucode-intel, and kernel-firmware updates as soon as they are available in the stable software repositories of their SUSE Enterprise Linux, openSUSE Leap, or openSUSE Tumbleweed operating system. Please keep in mind that you'll have to reboot your computer after installing a new kernel version.