Users are urged to update their systems immediately
The new kernel patches address the Spectre security flaw ( CVE-2017-5753, CVE-2017-5715) for the i386, amd64, PPC64el, and s390x architectures on Ubuntu 17.10 and Ubuntu 16.04 LTS, including for Ubuntu 16.04.3 LTS users using the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 and Ubuntu 14.04.5 LTS users using the HWE kernel from Ubuntu 16.04 LTS.
On the other hand, Ubuntu 14.04 LTS users received Spectre mitigations only for i386 and amd64 architectures. Same goes for Ubuntu 12.04 ESM (Extended Security Maintenance) systems using the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS.
«Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory,» read the security advisories.
Canonical also included patches to fix the Meltdown vulnerability ( CVE-2017-5754) for the PPC64el (PowerPC 64-bit Little Endian) hardware architecture on Ubuntu 17.10 (Artful Aardvark) and Ubuntu 16.04 LTS (Xenial Xerus), as well as for Ubuntu 14.04.5 LTS systems using the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS.
