Security notice: Meltdown and Spectre
Forum rules
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
- vicium artis
- Level 1
- Posts: 15
- Joined: Mon Jan 08, 2018 5:09 am
- Location: Europe/Croatia
Re: Security notice: Meltdown and Spectre
Excuse me but on my native language they assure me that tha does not involve me but your link is confusing because the same thing is combined with ubuntu so can you clarify to someone who obviously cant figure it out, why those patches are here and for what they stand for..?clem wrote:https://blog.linuxmint.com/?p=3496
Especially when on FAQ is said "yes you probably are affected"
AMD/INTEL/ARM based devices etc..stealing from us potentially passwords and other private things..?
CPU: Dual Core 11th Gen Intel Core i3-1115G4
Kernel: 5.15.0-41-generic x86_64
Storage: 476.94 GiB (3.6% used)
Mem: 1551.5/7692.2 MiB (20.2%)
Kernel: 5.15.0-41-generic x86_64
Storage: 476.94 GiB (3.6% used)
Mem: 1551.5/7692.2 MiB (20.2%)
Re: Security notice: Meltdown and Spectre
Make sure you enable "always show kenel updates" in the update manager
- vicium artis
- Level 1
- Posts: 15
- Joined: Mon Jan 08, 2018 5:09 am
- Location: Europe/Croatia
Re: Security notice: Meltdown and Spectre
well it is shown but not as "always select securitiy/trusted") i am more satisfied with default kernel than with wersion proposed by update manager and somehow i think it is better to stick with the one that work betterstavpup wrote:Make sure you enable "always show kenel updates" in the update manager
CPU: Dual Core 11th Gen Intel Core i3-1115G4
Kernel: 5.15.0-41-generic x86_64
Storage: 476.94 GiB (3.6% used)
Mem: 1551.5/7692.2 MiB (20.2%)
Kernel: 5.15.0-41-generic x86_64
Storage: 476.94 GiB (3.6% used)
Mem: 1551.5/7692.2 MiB (20.2%)
Re: Security notice: Meltdown and Spectre
This is a critical security update, because of Meltdown and Spectre, effecting EVERYONE, so the Mint team has pushed the update to EVERYONE, including those who have have been holding back some updates. They are pushing it to you because it is essential for your security. Normal kernel updates are often trivial, and I normally go with "If it aint broken, don't fix it", but Sir this is broken, and the only way to start fixing it is to install this update. I suggest installing this update, keep your preferred update settings, and know that the Mint team will only push higher level updates when they are absolutely necessary.vicium artis wrote:well it is shown but not as "always select securitiy/trusted") i am more satisfied with default kernel than with wersion proposed by update manager and somehow i think it is better to stick with the one that work betterstavpup wrote:Make sure you enable "always show kenel updates" in the update manager
Best regards,
ErgoSolvo
Re: Security notice: Meltdown and Spectre
Has the live/install ISO been updated with these patches? I often run a live version of Mint to make repairs and sometimes that involves researching on the web or temporarily installing programs. Will this leave by devices vulnerable during live usb use or when updating during an install?
With appreciation,
ErgoSolvo
Update: Never mind. I didn't think this through before asking. I have self-realized the complications of Mint 18.x being implicated with Ubuntu's 16.04lts.
With appreciation,
ErgoSolvo
Update: Never mind. I didn't think this through before asking. I have self-realized the complications of Mint 18.x being implicated with Ubuntu's 16.04lts.
Last edited by ergosolvo on Thu Jan 11, 2018 5:22 am, edited 1 time in total.
Re: Security notice: Meltdown and Spectre
Just a note to say that I've updated my Mint 18.3 Cinnamon kernel to 4.13.0-26 today, as offered by the Update Manager. It seems to be working OK on my machine, YMMV.
Note to those not used to doing kernel updates: they will not take effect until the machine has had a restart.
Note to those not used to doing kernel updates: they will not take effect until the machine has had a restart.
momist : a follower of the Greek god Momer.
-
- Level 2
- Posts: 86
- Joined: Thu Aug 27, 2015 5:32 pm
Re: Security notice: Meltdown and Spectre
Today I updated my kernel to 4.13.0-26. It booted OK but the VirtualBox I had obtained from the repository stopped working. Trying to use VirtualBox resulted in a hung computer, requiring a hard reboot. I didn't check much else, but rather reverted to 4.10.0-42, and now everything is working fine. I did not remove 4.13.0, just left it as inactive. My system is Mint Cinnamon 18.3 and otherwise up to date. Hardware is Dell Inspiron, 8GB RAM, Intel Core I7 processor. Hopefully the kernel updates for Meltdown and Spectre will soon be cleaned up a bit.
Re: Security notice: Meltdown and Spectre
I updated my kernel to 4.13.0-26.
Using a Toshiba Satellite L775.
So far so good, everything is working fine.
Linux xxxxxx-Satellite-L775 4.13.0-26-generic #29~16.04.2-Ubuntu SMP Tue Jan 9 22:00:44 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
DISTRIB_ID=LinuxMint
DISTRIB_RELEASE=18.3
DISTRIB_CODENAME=sylvia
DISTRIB_DESCRIPTION="Linux Mint 18.3 Sylvia"
NAME="Linux Mint"
VERSION="18.3 (Sylvia)"
ID=linuxmint
ID_LIKE=ubuntu
PRETTY_NAME="Linux Mint 18.3"
VERSION_ID="18.3"
HOME_URL="http://www.linuxmint.com/"
SUPPORT_URL="http://forums.linuxmint.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/linuxmint/"
VERSION_CODENAME=sylvia
UBUNTU_CODENAME=xenial
cat: /etc/upstream-release: Is a directory
Using a Toshiba Satellite L775.
So far so good, everything is working fine.
Linux xxxxxx-Satellite-L775 4.13.0-26-generic #29~16.04.2-Ubuntu SMP Tue Jan 9 22:00:44 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
DISTRIB_ID=LinuxMint
DISTRIB_RELEASE=18.3
DISTRIB_CODENAME=sylvia
DISTRIB_DESCRIPTION="Linux Mint 18.3 Sylvia"
NAME="Linux Mint"
VERSION="18.3 (Sylvia)"
ID=linuxmint
ID_LIKE=ubuntu
PRETTY_NAME="Linux Mint 18.3"
VERSION_ID="18.3"
HOME_URL="http://www.linuxmint.com/"
SUPPORT_URL="http://forums.linuxmint.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/linuxmint/"
VERSION_CODENAME=sylvia
UBUNTU_CODENAME=xenial
cat: /etc/upstream-release: Is a directory
Re: Security notice: Meltdown and Spectre
The repository Virtual Box is outdated. I followed the experts advice and downloaded a more current version (Version 5.2.2 r119230 (Qt5.6.1)) from here:Hank New Bee wrote:Today I updated my kernel to 4.13.0-26. It booted OK but the VirtualBox I had obtained from the repository stopped working. Trying to use VirtualBox resulted in a hung computer, requiring a hard reboot. I didn't check much else, but rather reverted to 4.10.0-42, and now everything is working fine. I did not remove 4.13.0, just left it as inactive. My system is Mint Cinnamon 18.3 and otherwise up to date. Hardware is Dell Inspiron, 8GB RAM, Intel Core I7 processor. Hopefully the kernel updates for Meltdown and Spectre will soon be cleaned up a bit.
https://www.virtualbox.org/wiki/Downloads
It is not the most current edition but it works fine with the 4.13.0-26 kernel on MINT KDE 18.3
Re: Security notice: Meltdown and Spectre
My update to kernel 4.13.0-26 was unsuccessful. It resulted in a black screen on boot up.
Someone else has reported this over at Ubuntu forums:
https://ubuntuforums.org/showthread.php?t=2382209
Is there a thread on the Linux Mint forums already addressing this issue?
Someone else has reported this over at Ubuntu forums:
https://ubuntuforums.org/showthread.php?t=2382209
Is there a thread on the Linux Mint forums already addressing this issue?
- vicium artis
- Level 1
- Posts: 15
- Joined: Mon Jan 08, 2018 5:09 am
- Location: Europe/Croatia
Re: Security notice: Meltdown and Spectre
Thank you for your answer i did it but i had manually remove the generic one 4.10.38 from synaptic because it did not take effect when i did install through update manager.I did sudo grub-install/update-grub and then the proposed one is the only now in grub..i did not notice nor improvements nor worsening..ergosolvo wrote:This is a critical security update, because of Meltdown and Spectre, effecting EVERYONE, so the Mint team has pushed the update to EVERYONE, including those who have have been holding back some updates. They are pushing it to you because it is essential for your security. Normal kernel updates are often trivial, and I normally go with "If it aint broken, don't fix it", but Sir this is broken, and the only way to start fixing it is to install this update. I suggest installing this update, keep your preferred update settings, and know that the Mint team will only push higher level updates when they are absolutely necessary.vicium artis wrote:well it is shown but not as "always select securitiy/trusted") i am more satisfied with default kernel than with wersion proposed by update manager and somehow i think it is better to stick with the one that work betterstavpup wrote:Make sure you enable "always show kenel updates" in the update manager
Best regards,
ErgoSolvo
CPU: Dual Core 11th Gen Intel Core i3-1115G4
Kernel: 5.15.0-41-generic x86_64
Storage: 476.94 GiB (3.6% used)
Mem: 1551.5/7692.2 MiB (20.2%)
Kernel: 5.15.0-41-generic x86_64
Storage: 476.94 GiB (3.6% used)
Mem: 1551.5/7692.2 MiB (20.2%)
Re: Security notice: Meltdown and Spectre
Hi!
2 questions about the kernel update:
- What is the difference between HWE and LTS? That is: which should I use? I use 18.3 MATE, updated in-system from 18.0.
- It says that there were problems with "4.4.0-108 issues in particular were fixed since in 4.4.0-109". What does this mean? Are the issues in 108 fixed, or should I rather use 109?
SInce this is such an important security update, I would be happy for clearer communication from the Mint team. Not everyone "lives" with mint - many people like me just use it since it works well, but don't know the technical side of it. Easy, step by step instructions are simple to write, and help so many people!
2 questions about the kernel update:
- What is the difference between HWE and LTS? That is: which should I use? I use 18.3 MATE, updated in-system from 18.0.
- It says that there were problems with "4.4.0-108 issues in particular were fixed since in 4.4.0-109". What does this mean? Are the issues in 108 fixed, or should I rather use 109?
SInce this is such an important security update, I would be happy for clearer communication from the Mint team. Not everyone "lives" with mint - many people like me just use it since it works well, but don't know the technical side of it. Easy, step by step instructions are simple to write, and help so many people!
Re: Security notice: Meltdown and Spectre
Hi Longbottom,Longbottom wrote:Easy, step by step instructions are simple to write, and help so many people!
While I disagree that easy instructions are easy to write, I feel that Xenopeek has done a pretty good job here, so I suggest that you check it out and see if you feel the same way. These instructions tell you explicitly which kernels to use.
If you read somewhere that 'issues with X were fixed in Y', that generally means that you should use Y and not X. A fixed version of X is a different version and so it gets a new number; in this example, Y.
If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
Re: Security notice: Meltdown and Spectre
Thanks for the link! I will check it out immediately.
Re: Security notice: Meltdown and Spectre
Tried the kernal update via UKCC, and on bootup got a set of error messages that went by too fast to see, then got my Mate desktop, but my second monitor was gone, and the kernal could not identify my main monitor as anything other than unknown. So I rebooted into 4.10, and all works well again. Something is not quite right with the 4.13 on my hardware -
Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
NVIDIA GeForce GTX 1060 6GB
Motherboard ASRock H170M PRO4
BIOS American Megatrends Inc. version P7.10
BTW - how do I get Mint to give me a hardware scan? (edit - found it: inxi -F)
Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
NVIDIA GeForce GTX 1060 6GB
Motherboard ASRock H170M PRO4
BIOS American Megatrends Inc. version P7.10
BTW - how do I get Mint to give me a hardware scan? (edit - found it: inxi -F)
- Elmar
Dual boot win 10 & Linux Mint
Release Linux Mint 21.3 Virginia 64-bit
Kernel Linux 5.15.0-91-generic x86_64
MATE 1.26.0
Dual boot win 10 & Linux Mint
Release Linux Mint 21.3 Virginia 64-bit
Kernel Linux 5.15.0-91-generic x86_64
MATE 1.26.0
Re: Security notice: Meltdown and Spectre
The guidance in the blog advises to unconditionally update NVIDIA drivers to 384.111. However, when I check the NVIDIA website for the latest drivers for my GeForce 8500GT the currently installed 340.102 drivers are identified as the latest available.
Is this a timing issue with NVIDIA or should the blog guidance be clarified?
Is this a timing issue with NVIDIA or should the blog guidance be clarified?
Re: Security notice: Meltdown and Spectre
Can confirm 4.4.0-109 killed this system. Cinnamon crash unrecoverable. Reverted back.
Code: Select all
$ inxi -Fxz
System: Host: eric-To-be-filled-by-O-E-M Kernel: 3.19.0-32-generic x86_64 (64 bit gcc: 4.8.2)
Desktop: Cinnamon 2.8.8 (Gtk 3.10.8~8+qiana)
Distro: Linux Mint 17.3 Rosa
Machine: System: Gigabyte product: N/A
Mobo: Gigabyte model: 970A-UD3P v: x.x
Bios: American Megatrends v: F1 date: 08/06/2013
CPU: Hexa core AMD FX-6300 Six-Core (-MCP-) cache: 12288 KB
flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm) bmips: 42193
clock speeds: max: 3500 MHz 1: 1400 MHz 2: 2000 MHz 3: 2000 MHz
4: 1400 MHz 5: 1400 MHz 6: 1400 MHz
Graphics: Card: Advanced Micro Devices [AMD/ATI] Curacao XT [Radeon R7 370 / R9 270X/370 OEM]
bus-ID: 01:00.0
Display Server: X.Org 1.17.1 drivers: ati,fglrx (unloaded: fbdev,vesa,radeon)
Resolution: 1280x1024@60.0hz
GLX Renderer: AMD Radeon R9 200 Series
GLX Version: 4.5.13399 - CPC 15.201.1151 Direct Rendering: Yes
Audio: Card-1 Advanced Micro Devices [AMD/ATI] SBx00 Azalia (Intel HDA)
driver: snd_hda_intel bus-ID: 00:14.2
Card-2 Advanced Micro Devices [AMD/ATI] Cape Verde/Pitcairn HDMI Audio [Radeon HD 7700/7800 Series]
driver: snd_hda_intel bus-ID: 01:00.1
Sound: Advanced Linux Sound Architecture v: k3.19.0-32-generic
Network: Card-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
driver: r8169 v: 2.3LK-NAPI port: d000 bus-ID: 03:00.0
IF: eth0 state: down mac: <filter>
Card-2: Ralink RT2070 Wireless Adapter
driver: rt2800usb v: 2.3.0 usb-ID: 002-002
IF: wlan0 state: N/A mac: N/A
Drives: HDD Total Size: 250.1GB (10.7% used)
Re: Security notice: Meltdown and Spectre
Wasted about three hours this evening to get back to where I started from.
Running 18.3 cinnamon on a T430 (64bit), kernel 4.4.0-53. I've got virtualbox V5.0.40 (the one in the repositories) running win7. VB works fine (except for USB ports, that did work and now don't, but a different story for a different post).
Given comments in earlier posts about incompatibility between later kernels and VB5.0 I thought I would update VB before doing the kernel. Downloaded VB V5.2.4 - worked, also tried V5.2.2 - also worked. BUT both versions would NOT work in seamless mode. Instead of seeing the windows taskbar above mint's panel all I got was a thin grey line. Click where the win icon is to open up the win menu, menu opens but it's just grey. Ended up reverting back to VB 5.0.40 and reinstalling via the s/w manager.
So, anybody know if I upgrade the kernel will this problem go away with the later 5.2+ versions of VB? Also echo earlier post, what's LTS and HWE, and should I switch from the 4.4 series kernel to 4.13?
And finally, given comments in the press (that on some systems the security fixes could result in a 30% performance hit), will these updates slow down the machine?
EDIT - well worked some things out, LTS = long term stable and HWE = hardware enabled, which sounds like the latest bleeding edge kernel with latest h/w drivers. Can confirm that 4.13.0.26 works, but not with virtualbox which hangs and only way out is to power off. Currently now running 4.4.0-53 generic and about to try 4.4.0-109 which is the latest showing in the 4.4 series. Note - to switch kernels on boot hold down the shift key to bring up grub and advanced options gives a list of available kernels to boot from - learning quite a lot today.
EDIT2 - now running 4.4.0-109 and it works with the version of virtualbox in the repositories (V5.0.40). Have removed 4.13.0.26 from my system. Can't say my first experience messing around with kernels has been painless.
Running 18.3 cinnamon on a T430 (64bit), kernel 4.4.0-53. I've got virtualbox V5.0.40 (the one in the repositories) running win7. VB works fine (except for USB ports, that did work and now don't, but a different story for a different post).
Given comments in earlier posts about incompatibility between later kernels and VB5.0 I thought I would update VB before doing the kernel. Downloaded VB V5.2.4 - worked, also tried V5.2.2 - also worked. BUT both versions would NOT work in seamless mode. Instead of seeing the windows taskbar above mint's panel all I got was a thin grey line. Click where the win icon is to open up the win menu, menu opens but it's just grey. Ended up reverting back to VB 5.0.40 and reinstalling via the s/w manager.
So, anybody know if I upgrade the kernel will this problem go away with the later 5.2+ versions of VB? Also echo earlier post, what's LTS and HWE, and should I switch from the 4.4 series kernel to 4.13?
And finally, given comments in the press (that on some systems the security fixes could result in a 30% performance hit), will these updates slow down the machine?
EDIT - well worked some things out, LTS = long term stable and HWE = hardware enabled, which sounds like the latest bleeding edge kernel with latest h/w drivers. Can confirm that 4.13.0.26 works, but not with virtualbox which hangs and only way out is to power off. Currently now running 4.4.0-53 generic and about to try 4.4.0-109 which is the latest showing in the 4.4 series. Note - to switch kernels on boot hold down the shift key to bring up grub and advanced options gives a list of available kernels to boot from - learning quite a lot today.
EDIT2 - now running 4.4.0-109 and it works with the version of virtualbox in the repositories (V5.0.40). Have removed 4.13.0.26 from my system. Can't say my first experience messing around with kernels has been painless.
Thinkcentre M720Q - LM21.3 cinnamon, 4 x T430 - LM21.3 cinnamon, Homebrew desktop i5-8400+GTX1080 Cinnamon 19.0
Re: Security notice: Meltdown and Spectre
The major HW Manufacturers have released / (will release) patched UEFI BIOS's for their main stream products.
If the BIOS is patched, is an updated Kernel still a priority ?
Lanser
If the BIOS is patched, is an updated Kernel still a priority ?
Lanser