Kernel 4.14.15: Vulnerabilities Specter and Meltdown they also affect Linux systems. The development teams of the distributions are reportedly preparing updated kernels, while everyone should update the programs as well browsing that they use.
Previously publication we mentioned for a script which can test whether your Linux distribution is vulnerable to Specter 1 and 2 vulnerabilities or Meltdown attacks.
The script checks each parchange separately and displays the results. If it shows “STATUS: VULNERABLE” the system is vulnerable and needs an immediate (and if available) Kernel upgrade.
As you can see in the image above, with oldest kernel, one of the systems I use remains vulnerable to the Specter and Meltdown vulnerabilities, at least in 2 of the 3 Variants.
Let's see the same test in the kernel 4.14.15
The new kernel 4.14.15 fixes 2 of the 3 Variants of the Specter and Meltdown vulnerabilities. For those of you using Linux, check your distribution's updates for the most recently updated kernel, and upgrade immediately.
It remains to be seen when the Spectre Variant 1 will be closed, the only one left. But let's not forget her statement by Werner Haas, a representative of Cyberus Technology and a member of one of the three independent teams that discovered and reported Meltdown. The expert said that achieving comprehensive protection against Specter is very simple and will likely involve a "continuous procedure” with software corrections and hardware modifications.
"The Specter scenario is not that simple, as cross-application attacks are unlikely without even OS participation," said Haas.
"Therefore, a general solution like Meltdown seems unlikely. Therefore, I expect combined repairs to hardware / software defects along with the warning that the fight against Spectre will be an ongoing process. "