Meltdown and Spectre Status Update

On Tuesday, January 9, 2018 we released Ubuntu kernel updates for mitigation of CVE-2017-5754 (aka Meltdown / Variant 3) for the x86-64 architecture. Releases were made for the following supported Ubuntu series:

• 12.04 ESM Precise (kernel v3.2)
• 14.04 LTS Trusty (kernel v3.13)
• 16.04 LTS Xenial (kernel v4.4)
• 17.10 Artful (kernel v4.13)

Optimized kernels based on any of the above series were also released, including linux-aws, linux-azure, linux-gcp, and hardware enablement kernels. Updated cloud images have also been built and published to ensure a consistent Ubuntu experience. In our testing of the released Meltdown mitigations, we are observing that reductions in performance vary depending on the workload.

Ubuntu Zesty 17.04 will end-of-life on Saturday, January 13, 2018. As such, there will be no updates to kernel v4.10 to mitigate Meltdown or Spectre. Users of 17.04 will need to upgrade. As Precise 12.04 LTS has reached end-of-life, only Ubuntu Advantage customers with Extended Security Maintenance for Precise 12.04 will receive updated kernels.

Our focus has now shifted to the mitigation of CVE-2017-5753 and CVE-2017-5715 (aka Spectre / Variants 1 & 2). Microcode has been released for Intel processors (see USN-3531-1). Kernel updates will begin with releasing v4.13 for Artful 17.10 on Monday, January 15, 2018, with 16.04 to follow shortly.

In addition to releasing fixes for Spectre we will be expanding the Meltdown mitigation to other supported architectures.

The industry response to this unprecedented security vulnerability continues to evolve on a daily basis. The Ubuntu Engineering team is committed to delivering high-quality, proven fixes for these issues as they become available to ensure the Ubuntu experience remains as secure and consistent as possible.