Canonical today fulfilled its promise with the latest in-line kernel and NVIDIA updates fixing Meltdown and Specter vulnerabilities for all still-supported Ubuntu Linux systems. The company released a notice last week saying it will fix two security holes, Meltdown and Specter, in its recent internal patch, which is now fixed with Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus) and Ubuntu 14.04 LTS (Trusty Tahr).
“Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory (CVE-2017-5754),”
For Ubuntu 17.10, this newer kernel patch also fixes four other security vulnerabilities that involve the deployment of a Berkeley Packet Filter (BPF) in the Linux Kernel that allows local attackers to execute arbitrary code or system crashes with service refusal CVE-2017-17863, CVE-2017-16995, CVE-2017-17862 and CVE-2017-17864).
Source: Softpedia
