Language Selection

English French German Italian Portuguese Spanish

Meltdown Patches and Problems

Filed under
Security
Ubuntu
  • [Ubuntu] Meltdown and Spectre Status Update

    On Tuesday, January 9, 2018 we released Ubuntu kernel updates for mitigation of CVE-2017-5754 (aka Meltdown / Variant 3) for the x86-64 architecture.

  • Lubuntu 17.10.1 (Artful Aardvark) released!

    Lubuntu 17.10.1 has been released to fix a major problem affecting many Lenovo laptops that causes the computer to have BIOS problems after installing. You can find more details about this problem here.

    Please note that the Meltdown and Spectre vulnerabilities have not been fixed in this ISO, so we advise that if you install this ISO, update directly after.

    This release is no different in terms of features from the 17.10 release, and is comparable to an LTS point release in that all updates since the 17.10 release have been rolled into this ISO. You can find the initial announcement here.

  • Check Linux for Spectre or Meltdown vulnerability

    Devices running Linux are affected by Spectre and Meltdown vulnerabilities as much as their Windows counterparts.

    Development teams work on updated kernels for the various distributions, and users need to update browsers and other software to protect data against potential attacks.

    We talked about identifying whether your Windows PC or web browser is vulnerable already. A recently published script does the same for Linux systems. You may use it to check whether your Linux distribution is vulnerable.

  • Meltdown Patch Is Causing Problems for Some Ubuntu Linux Users

    Many Ubuntu Linux users who installed the latest kernel updates to fix the Meltdown CPU vulnerability found themselves stuck in a boot loop and had to revert back to a previous version.

    The problem affected mostly Ubuntu 16.04 (Xenial Xerus), which is a long-term support (LTS) release. Soon after the 4.4.0-108 kernel update was released to fix the Meltdown vulnerability, users flooded the Ubuntu Forums and bug tracker to report booting problems.

  • Meltdown Update Kernel doesnt boot
  • Major Linux distros have Meltdown patches, but that's only part of the fix

    The Intel Meltdown security problem is the pain that just keeps hurting. Still, there is some good news. Ubuntu and Debian Linux have patched their distributions. The bad news? It's becoming clearer than ever that fixing Meltdown causes significant performance problems. Worst still, many older servers and appliances are running insecure, unpatchable Linux distributions.

More in Tux Machines

today's howtos

Graphics: VC4 and AMDVLK Driver

  • VC4 display, VC5 kernel submitted
    For VC5, I renamed the kernel driver to “v3d” and submitted it to the kernel. Daniel Vetter came back right away with a bunch of useful feedback, and next week I’m resolving that feedback and continuing to work on the GMP support. On the vc4 front, I did the investigation of the HDL to determine that the OLED matrix applies before the gamma tables, so we can expose it in the DRM for Android’s color correction. Stefan was also interested in reworking his fencing patches to use syncobjs, so hopefully we can merge those and get DRM HWC support in mainline soon. I also pushed Gustavo’s patch for using the new core DRM infrastructure for async cursor updates. This doesn’t simplify our code much yet, but Boris has a series he’s working on that gets rid of a lot of custom vc4 display code by switching more code over to the new async support.
  • V3D DRM Driver Revised As It Works To Get Into The Mainline Kernel
    Eric Anholt of Broadcom has sent out his revised patches for the "V3D" DRM driver, which up until last week was known as the VC5 DRM driver. As explained last week, the VC5 driver components are being renamed to V3D since it ends up supporting more than just VC5 with Broadcom VC6 hardware already being supported too. Eric is making preparations to get this VideoCore driver into the mainline Linux kernel and he will then also rename the VC5 Gallium3D driver to V3D Gallium3D.
  • AMDVLK Driver Gets Fixed For Rise of the Tomb Raider Using Application Profiles
    With last week's release of Rise of the Tomb Raider on Linux ported by Feral Interactive, when it came to Radeon GPU support for this Vulkan-only Linux game port the Mesa RADV driver was supported while the official AMDVLK driver would lead to GPU hangs. That's now been fixed. With the latest AMDVLK/XGL source code as of today, the GPU hang issue for Rise of the Tomb Raider should now be resolved.

AMD Ryzen 7 2700X Linux Performance Boosted By Updated BIOS/AGESA

With last week's initial launch-day Linux benchmarks of the Ryzen 5 2600X / Ryzen 7 2700X some found the Linux performance to be lower than Windows. While the root cause is undetermined, a BIOS/AGESA update does appear to help the Linux performance significantly at least with the motherboard where I've been doing most of my tests with the Ryzen 7 2700X. Here are the latest benchmark numbers. Read more

GNU: The GNU C Library 2.28 and Guix on Android

  • Glibc 2.28 Upstream Will Build/Run Cleanly On GNU Hurd
    While Linux distributions are still migrating to Glibc 2.27, in the two months since the release changes have continued building up for what will eventually become the GNU C Library 2.28. The Glibc 2.28 work queued thus far isn't nearly as exciting as all the performance optimizations and more introduced with Glibc 2.27, but it's a start. Most notable at this point for Glibc 2.28 is that it will now build and run cleanly on GNU/Hurd without requiring any out-of-tree patches. There has been a ton of Hurd-related commits to Glibc over the past month.
  • Guix on Android!
    Last year I thought to myself: since my phone is just a computer running an operating system called Android (or Replicant!), and that Android is based on a Linux kernel, it's just another foreign distribution I could install GNU Guix on, right? It turned out it was absolutely the case. Today I was reminded on IRC of my attempt last year at installing GNU Guix on my phone. Hence this blog post. I'll try to give you all the knowledge and commands required to install it on your own Android device.
  • GNU Guix Wrangled To Run On Android
    The GNU Guix transactional package manager can be made to run on Android smartphones/tablets, but not without lots of hoops to jump through first.