Language Selection

English French German Italian Portuguese Spanish

Meltdown Patches and Problems

Filed under
  • [Ubuntu] Meltdown and Spectre Status Update

    On Tuesday, January 9, 2018 we released Ubuntu kernel updates for mitigation of CVE-2017-5754 (aka Meltdown / Variant 3) for the x86-64 architecture.

  • Lubuntu 17.10.1 (Artful Aardvark) released!

    Lubuntu 17.10.1 has been released to fix a major problem affecting many Lenovo laptops that causes the computer to have BIOS problems after installing. You can find more details about this problem here.

    Please note that the Meltdown and Spectre vulnerabilities have not been fixed in this ISO, so we advise that if you install this ISO, update directly after.

    This release is no different in terms of features from the 17.10 release, and is comparable to an LTS point release in that all updates since the 17.10 release have been rolled into this ISO. You can find the initial announcement here.

  • Check Linux for Spectre or Meltdown vulnerability

    Devices running Linux are affected by Spectre and Meltdown vulnerabilities as much as their Windows counterparts.

    Development teams work on updated kernels for the various distributions, and users need to update browsers and other software to protect data against potential attacks.

    We talked about identifying whether your Windows PC or web browser is vulnerable already. A recently published script does the same for Linux systems. You may use it to check whether your Linux distribution is vulnerable.

  • Meltdown Patch Is Causing Problems for Some Ubuntu Linux Users

    Many Ubuntu Linux users who installed the latest kernel updates to fix the Meltdown CPU vulnerability found themselves stuck in a boot loop and had to revert back to a previous version.

    The problem affected mostly Ubuntu 16.04 (Xenial Xerus), which is a long-term support (LTS) release. Soon after the 4.4.0-108 kernel update was released to fix the Meltdown vulnerability, users flooded the Ubuntu Forums and bug tracker to report booting problems.

  • Meltdown Update Kernel doesnt boot
  • Major Linux distros have Meltdown patches, but that's only part of the fix

    The Intel Meltdown security problem is the pain that just keeps hurting. Still, there is some good news. Ubuntu and Debian Linux have patched their distributions. The bad news? It's becoming clearer than ever that fixing Meltdown causes significant performance problems. Worst still, many older servers and appliances are running insecure, unpatchable Linux distributions.

More in Tux Machines

Radeon GPUs Are Increasingly Competing With NVIDIA GPUs On Latest RadeonSI/RADV Drivers

As it's been a few weeks since last delivering a modest Linux GPU comparison and given the continuously evolving state of the Linux kernel Git tree as well as the Mesa project that houses the RadeonSI OpenGL and RADV Vulkan drivers, here are our latest benchmarks showing the current state of the AMD Radeon open-source Linux graphics driver performance relative to NVIDIA's long-standing and high-performance but proprietary driver using several different graphics cards. Read more

AMD And CTS Labs: A Story Of Failed Stock Manipulation

We have attempted to contact Jessica Schaefer from Bevel PR, the listed PR firm on the vulnerability disclosure website, only to be greeted by a full voicemail inbox. We attempted to contact both Bevel PR and CTS Labs by email and inquire about the relationship between CTS and Viceroy, and provided them with ample time to respond. They did not respond to our inquiry. So, let's look at Viceroy Research. According to MoneyWeb, Viceroy Research is headed by a 44-year-old British citizen and ex-social worker, John Fraser Perring, in conjunction with two 23-year-old Australian citizens, Gabriel Bernarde and Aidan Lau. I wonder which of these guys is so fast at typing. Viceroy Research was the group responsible for the uncovering of the Steinhoff accounting scandal, about which you can read more here. After successfully taking down Steinhoff, it tried to manufacture controversy around Capitec Bank, a fast-growing South African bank. This time it didn't work out so well. The Capitec stock price dropped shortly and quickly recovered when the South African reserve bank made a statement that Capitec's business is sound. Just a week ago Viceroy attempted to do the same thing with a German company called ProSieben, also with mixed success, and in alleged breach of German securities laws, according to BaFin (similar to the SEC). Now, it appears it is going after AMD, though it looks to be another unsuccessful attack. Investor Takeaway After the announcement of this news, AMD stock generally traded sideways with slight downward movement, not uncommon for AMD in general. Hopefully this article showed you that CTS's report is largely nonsense and a fabrication with perhaps a small kernel of truth hidden somewhere in the middle. If the vulnerabilities are confirmed by AMD, they are likely to be easily fixed by software patches. If you are long AMD, stay long. If you are looking for an entry point, this might be a good opportunity to use this fake news to your advantage. AMD is a company with a bright future if it continues to execute well, and we see it hitting $20 per share by the end of 2018. Read more

Canonical Officially Announces Mozilla's Firefox as a Snap App for Ubuntu Linux

The Firefox Snap package appears to be maintained by Mozilla, which allows Linux users to test drive the latest features of their Quantum browser on multiple GNU/Linux distributions that support Canonical's Snappy universal binary format. Developed by Canonical, the Snap universal application packaging format for Linux lets Linux users enjoy the most recent release of a software product as soon as it's released upstream. It's secure by design and works natively on multiple popular Linux OSes. Read more

today's leftovers