CIO

Ubuntu takes two on Meltdown CPU patch after first one bricked machines

  • Liam Tung (CSO Online)
  • 11 January, 2018 05:46

Ubuntu maker Canonical on Wednesday released a second take on its kernel fix for the Meltdown CPU bug in Ubuntu 16.04 LTS after reports of machines failing to reboot after the update. 

Several users on Ubuntu forums have reported crashes after installing Ubuntu 16.04 (aka Xenial) with the updated kernel version 4.4.0-108. All the crash reports are from users that report having Intel chips. One user with an AMD chip reported no problem with the update.     

Ubuntu released its first Meltdown fix on update on Tuesday January 9 under security notice USN-3522-1, which introduced the buggy kernel image. 

While the update did successfully address the Meltdown attack against Intel’s implementation of speculative execution, it also introduced a regression that caused booting problems.    

In a new security notice published on Wednesday Canonical confirmed the booting issues and released a second update with a new Linux kernel image. 

“USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience,” Ubuntu says i n the new notice USN-3522-3

Several users on Ubuntu forums have confirmed that the new update with the 4.4.0-109 Linux kernel works without any problems.  

“I can confirm that the new 4.4.0-109 kernel is working fine, so if anyone is still trying to get their machine running straight from boot up, simply do your normal update to get the new version, then purge 4.4.0-108, as it seems to be useless for many users, perhaps just Intel CPUs,” wrote one user

The Ubuntu issue is the first case of users on Linux distributions experiencing problems with fixes for the Meltdown and Spectre bugs. 

Microsoft this week suspended its CPU fixes for AMD systems following user reports the update was causing booting problems. Microsoft said that some AMD chipsets don’t conform to documentation that was given to Microsoft in order for it to develop patches for the issues. 

IBM has also announced a round of firmware patches for Power Systems. Firmware updates are available for its POWER7+ and POWER8 CPUs, while POWER9 patches are coming on January 15. The company will release updates for AIX and IBM i operation systems on February 12. Users must install the firmware patch prior to the operating system updates in order to be protected from the two attacks.