1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-3540-1

[USN-3540-1] Linux kernel vulnerabilities

Severity Critical
Affected Packages 11
CVEs 3
Info Packages Vulnerabilities

Several security issues were addressed in the Linux kernel.

Jann Horn discovered that microprocessors utilizing speculative
execution and branch prediction may allow unauthorized memory
reads via sidechannel attacks. This flaw is known as Spectre. A
local attacker could use this to expose sensitive information,
including kernel memory. This update provides mitigations for the
i386 (CVE-2017-5753 only), amd64, ppc64el, and s390x architectures.
(CVE-2017-5715, CVE-2017-5753)

USN-3522-1 mitigated CVE-2017-5754 (Meltdown) for the amd64
architecture in Ubuntu 16.04 LTS. This update provides the
corresponding mitigations for the ppc64el architecture. Original
advisory details:

Jann Horn discovered that microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized memory
reads via sidechannel attacks. This flaw is known as Meltdown. A local
attacker could use this to expose sensitive information, including
kernel memory. (CVE-2017-5754)

Package Affected Version
pkg:deb/ubuntu/linux-image-extra-4.4.0-9023-euclid?distro=xenial < 4.4.0-9023.24
pkg:deb/ubuntu/linux-image-extra-4.4.0-112-generic?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-9023-euclid?distro=xenial < 4.4.0-9023.24
pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc64-smp?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc64-emb?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc-smp?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc-e500mc?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-112-lowlatency?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-112-generic?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-112-generic-lpae?distro=xenial < 4.4.0-112.135
pkg:deb/ubuntu/linux-image-4.4.0-1049-aws?distro=xenial < 4.4.0-1049.58
ID
USN-3540-1
Severity
critical
URL
https://ubuntu.com/security/notices/USN-3540-1
Published
2018-01-23T00:26:16
(6 years ago)
Modified
2018-01-23T00:26:16
(6 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-extra-4.4.0-9023-euclid?distro=xenial ubuntu linux-image-extra-4.4.0-9023-euclid < 4.4.0-9023.24 xenial
Affected pkg:deb/ubuntu/linux-image-extra-4.4.0-112-generic?distro=xenial ubuntu linux-image-extra-4.4.0-112-generic < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-9023-euclid?distro=xenial ubuntu linux-image-4.4.0-9023-euclid < 4.4.0-9023.24 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc64-smp?distro=xenial ubuntu linux-image-4.4.0-112-powerpc64-smp < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc64-emb?distro=xenial ubuntu linux-image-4.4.0-112-powerpc64-emb < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc-smp?distro=xenial ubuntu linux-image-4.4.0-112-powerpc-smp < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-powerpc-e500mc?distro=xenial ubuntu linux-image-4.4.0-112-powerpc-e500mc < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-lowlatency?distro=xenial ubuntu linux-image-4.4.0-112-lowlatency < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-generic?distro=xenial ubuntu linux-image-4.4.0-112-generic < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-112-generic-lpae?distro=xenial ubuntu linux-image-4.4.0-112-generic-lpae < 4.4.0-112.135 xenial
Affected pkg:deb/ubuntu/linux-image-4.4.0-1049-aws?distro=xenial ubuntu linux-image-4.4.0-1049-aws < 4.4.0-1049.58 xenial
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date