“Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory (CVE-2017-5754),”
For Ubuntu 17.10, this newer kernel patch also fixes four other security vulnerabilities that involve the deployment of a Berkeley Packet Filter (BPF) in the Linux Kernel that allows local attackers to execute arbitrary code or system crashes with service refusal CVE-2017-17863, CVE-2017-16995, CVE-2017-17862 and CVE-2017-17864).
Source: Softpedia
