Checking the Ubuntu Linux kernel updates on Spectre and Meltdown

Here is the status page for the Ubuntu updates on Spectre and Meltdown. For background on these vulnerabilities, see the Meltdown and Spectre Attacks website.

In this post we are trying out the Spectre & Meltdown Checker on different versions of the stock Ubuntu Linux kernel.

Trying the Spectre & Meltdown Checker before any updates

Let’s clone the repository and run the script.

$ git clone https://github.com/speed47/spectre-meltdown-checker
...
$ cd spectre-meltdown-checker/
$ sudo ./spectre-meltdown-checker.sh

As expected, it shows the old kernel being quite vulnerable. The checker inspects the kernel files instead of actually running any proof-of-concept code to verify any issues. The checker is under continuous development; here we tried it at commit d6e4aa4. The output might be different if you try out a newer version.

Trying out the checker after the 26th January 2018 updates

Here is the output of the checker with the stock Ubuntu Linux kernel that was revised on the 26th January 2018.

What we see here is that some issues have been fixed while others need a newer update.

Specifically, both Spectre Variant 1 and Meltdown (Variant 3) appear to be fixed.

Spectre Variant 2 needs more work and the Hardware needs much more.

Let’s see what /proc/cpuinfo says:

$ grep ^bugs /proc/cpuinfo | uniq
bugs : cpu_meltdown spectre_v1 spectre_v2

There is some extra reporting through sysfs (/sys/devices/system/cpu/vulnerabilities/) that I suppose will make it to the stock Ubuntu Linux kernels during the next kernel update in February.
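Once a kernel exposes that sysfs directory, the `bugs` line and the per-vulnerability status files can be read side by side. The script below is an added example, not part of the original post or of the checker project; the function names are hypothetical, the sample files are constructed, and the `cpu_meltdown` to `meltdown` file-name mapping is only meant to cover the three bugs shown above.

```shell
#!/bin/sh
# Added example: compare the "bugs" line in /proc/cpuinfo with the sysfs status files.

# vuln_report [CPUINFO] [SYSFS_DIR]: print "<bug>: <status>" per listed CPU bug.
vuln_report() {
    cpuinfo=${1:-/proc/cpuinfo}
    sysdir=${2:-/sys/devices/system/cpu/vulnerabilities}
    # Every core repeats the line; take the first and strip the "bugs :" label.
    bugs=$(sed -n '/^bugs[[:space:]]*:/{s///;p;q;}' "$cpuinfo")
    for bug in $bugs; do
        # cpuinfo says "cpu_meltdown", sysfs names the file "meltdown"; the two
        # Spectre names match. Any other name is looked up unchanged.
        file=$sysdir/${bug#cpu_}
        if [ -r "$file" ]; then
            printf '%s: %s\n' "$bug" "$(cat "$file")"
        else
            printf '%s: no sysfs entry\n' "$bug"
        fi
    done
}

# needs_attention [CPUINFO] [SYSFS_DIR]: exit 0 if any bug is unreported or "Vulnerable".
needs_attention() {
    vuln_report "$@" | grep -Eq ': (Vulnerable|no sysfs entry)'
}

# make_sample: build a CONSTRUCTED cpuinfo + sysfs tree (not captured from a real host)
# and print its path. spectre_v1 has no file, as on a kernel without sysfs reporting.
make_sample() {
    d=$(mktemp -d)
    mkdir "$d/vulnerabilities"
    printf 'processor\t: 0\nbugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n' > "$d/cpuinfo"
    printf 'processor\t: 1\nbugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n' >> "$d/cpuinfo"
    echo 'Mitigation: PTI' > "$d/vulnerabilities/meltdown"
    echo 'Vulnerable' > "$d/vulnerabilities/spectre_v2"
    echo "$d"
}

sample=$(make_sample)
vuln_report "$sample/cpuinfo" "$sample/vulnerabilities"
rm -rf "$sample"
```

Calling `vuln_report` with no arguments reads the real `/proc/cpuinfo` and sysfs directory of the running kernel.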

Permanent link to this article: https://blog.simos.info/checking-the-ubuntu-linux-kernel-updates-on-spectre-and-meltdown/
