To address the L1 Terminal Fault, Spectre V4, and RSRE flaws

Aug 28, 2018 13:53 GMT  ·  By

Canonical published today a new security advisory to inform users of the Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS operating systems about a new Intel microcode update that address three major security vulnerabilities.

According to the advisory, the new Intel microcode firmware security update mitigates the L1 Terminal Fault (L1TF) vulnerability documented as CVE-2018-3646, which could allow an attacker in a guest virtual machine to expose sensitive information from either the host operating system or other guests.

It also fixes the well known Spectre Variant 4 security vulnerability (CVE-2018-3639) that could allow an attacker to expose sensitive information, including kernel memory via a side-channel attack, and another side-channel attack known as Rogue System Register Read (RSRE) and documented as (CVE-2018-3640).

"Zdenek Sojka, Rudolf Marek, Alex Zuepke, and Innokentiy Sennovskiy discovered that microprocessors that perform speculative reads of system registers may allow unauthorized disclosure of system parameters via a side-channel attack. An attacker could use this to expose sensitive information," reads the security advisory.

Users are urged to update the Intel microcode firmware immediately

If you're using Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus), or Ubuntu 14.04 LTS (Trusty Tahr) operating systems on your computer powered by an Intel processor, Canonical urges you to update the Intel microcode firmware immediately, along with the latest Linux kernel update, and reboot your systems.

While Ubuntu 18.04 LTS users must update to intel-microcode 3.20180807a.0ubuntu0.18.04.1, Ubuntu 16.04 LTS will have to update to intel-microcode 3.20180807a.0ubuntu0.16.04.1, and Ubuntu 14.04 LTS users to intel-microcode 3.20180807a.0ubuntu0.14.04.1. For instructions on how to update your Ubuntu installation, check out the Ubuntu Wiki article at https://wiki.ubuntu.com/Security/Upgrades.