Ubuntu 18.04 LTS Receives First Kernel Security Update for Mitigating Spectre Variant 4 Impact

Ubuntu 18.04 LTS (Bionic Beaver) system ushered in the first kernel security update today, focusing on fixing Speculative Store Buffer Bypass (SSBB) side-channel vulnerabilities affecting Ubuntu and its derivatives, namely Spectre Variant 4 (CVE-2018- 3639), allows local attackers to obtain sensitive information.

In the security, bulletin wrote: “Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory.”

Canonical reminded in an announcement that if you want to completely repair Spectre Variant 4 vulnerabilities, users must upgrade the processor’s microcode firmware. At present, the company has cooperated with Intel to provide microcode to completely repair Spectre Variant 4 vulnerabilities. AMD users need to contact suppliers to repair firmware updates.