fixing Linux Mint 18.3 for Meltdown and Spectre

Chat about anything related to Linux Mint
Newbie_from_NJ
Level 2
Level 2
Posts: 60
Joined: Mon Aug 11, 2014 6:31 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Newbie_from_NJ » Sat Jan 06, 2018 8:24 pm

I guess i'm confused on how this exploit works and how it's actually patched. I've read that Firefox's latest version is patched and a future Kernel update on 4.4 and 4.13 will also patch the exploit. What's the difference between each patch?

Also, lets say that you are currently running a patched kernel on your host OS... but your virtual machine kernel isn't patched. Does that make your system vulnerable again?

sorry confused. Just want to understand it a bit more.

User avatar
Schultz
Level 6
Level 6
Posts: 1034
Joined: Thu Feb 25, 2016 8:57 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Schultz » Sat Jan 06, 2018 8:55 pm

Browser patches only fix the problem on the browser, so a "bad guy" can't exploit the weakness through your browser. But you'd still be vulnerable through other apps. At least that's the way I understand it. Someone correct me if I'm wrong.

User avatar
pizzadude
Level 1
Level 1
Posts: 14
Joined: Sat Aug 06, 2016 3:57 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by pizzadude » Sun Jan 07, 2018 8:54 am

Schultz wrote:Browser patches only fix the problem on the browser, so a "bad guy" can't exploit the weakness through your browser. But you'd still be vulnerable through other apps. At least that's the way I understand it. Someone correct me if I'm wrong.
You're correct, but it depends on how the application was written if it's vulnerable or not.

Rocky Bennett
Level 4
Level 4
Posts: 364
Joined: Tue May 12, 2015 6:22 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Rocky Bennett » Sun Jan 07, 2018 10:01 am

I think that I read this entire thread and I think that I understand what is going on. I updated my Windows 10 system with the Microsoft patch for the kernel on Thursday, when will Linux offer this update?

User avatar
Moem
Level 13
Level 13
Posts: 4858
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Moem » Sun Jan 07, 2018 10:11 am

Rocky Bennett wrote:I think that I read this entire thread (...) when will Linux offer this update?
Seems like you missed this.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Sun Jan 07, 2018 10:47 am

I appreciate this thread is entitled "Fixing Mint18.3....." so please excuse me if this is considered off-topic.

My system is:
Linux Mint 18.2 Sonya 64-bit MATE 1.18.0
Kernel Linux 4.8.0-53-generic x86_64
Intel® Pentium(R) CPU 4405U @ 2.10GHz × 4

I haven't found any reference to the 4.8 kernel anywhere, and I'm at a loss to know what I should do.
I suspect there may be others in the same situation.

So please, what should I / we be doing?

Also, what about 32 bit machines?

If the mods want to make this a new thread, please do so.

User avatar
thx-1138
Level 5
Level 5
Posts: 506
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by thx-1138 » Sun Jan 07, 2018 12:22 pm

Linux Mint 18.2 Sonya 64-bit MATE 1.18.0
Kernel Linux 4.8.0-53-generic x86_64
You either go with the latest 4.4.x or the latest 4.13.x on January 9, whatever suits you.
Also, what about 32 bit machines?
As you can see above, there is no announcement yet in regards to such (remains to be seen...)

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Sun Jan 07, 2018 12:51 pm

Thank you

User avatar
tovian
Level 4
Level 4
Posts: 381
Joined: Sun Nov 22, 2015 1:17 pm
Location: Heart of Dixie

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by tovian » Sun Jan 07, 2018 12:56 pm

norm.h wrote:I haven't found any reference to the 4.8 kernel anywhere, and I'm at a loss to know what I should do.
I suspect there may be others in the same situation.

So please, what should I / we be doing?
I wouldn't attempt to tell you what you need to do, but if you're asking about how...
you can start by running Synaptic Package Manager;
Refresh/reload the package database;
Scroll down and select the "kernel and modules" section in the left panel;
Scroll through the list on the right to see what you have installed now - and what is available

If this was not related to your question then I apologize.
“I think that this situation absolutely requires a really futile and stupid gesture be done on somebody's part!"
"We're just the guys to do it.”

Animal House

User avatar
Schultz
Level 6
Level 6
Posts: 1034
Joined: Thu Feb 25, 2016 8:57 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Schultz » Sun Jan 07, 2018 12:57 pm

Kernel 4.8 has been end of life for a while now, so I'd change it now, and then update again on the 9th.

Rocky Bennett
Level 4
Level 4
Posts: 364
Joined: Tue May 12, 2015 6:22 pm

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Rocky Bennett » Sun Jan 07, 2018 1:06 pm

Moem wrote:
Rocky Bennett wrote:I think that I read this entire thread (...) when will Linux offer this update?
Seems like you missed this.

Yeah, I saw that all over this site and on other sites. Oh well, just a couple of more days.

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Sun Jan 07, 2018 3:52 pm

Schultz wrote:Kernel 4.8 has been end of life for a while now, so I'd change it now, and then update again on the 9th.
Please excuse my ignorance, but if this is so [and I don't mean to disbelieve] then why is 4.4. being patched and suggested as an alternative?

User avatar
Marziano
Level 5
Level 5
Posts: 520
Joined: Thu Jan 04, 2018 1:00 pm
Location: /here

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Marziano » Sun Jan 07, 2018 4:12 pm

norm.h wrote:
Schultz wrote:Kernel 4.8 has been end of life for a while now, so I'd change it now, and then update again on the 9th.
Please excuse my ignorance, but if this is so [and I don't mean to disbelieve] then why is 4.4. being patched and suggested as an alternative?
You may want to have a look at this: https://wiki.ubuntu.com/Kernel/Support# ... el_Support
In the Grand Scheme of Things, everything on Earth is nothing but an annoying Bug.

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Mon Jan 08, 2018 6:16 am

Thank you - understood now :oops:

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 7:47 am

Schultz wrote:Kernel 4.8 has been end of life for a while now, so I'd change it now, and then update again on the 9th.
So I have downloaded 4.4.0.104 but I don't seem to be able to get into GRUB to change from 4.8.
Holding down SHIFT when booting doesn't show a menu as described in other posts.

User avatar
Pjotr
Level 19
Level 19
Posts: 9670
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Pjotr » Tue Jan 09, 2018 8:10 am

norm.h wrote:
Schultz wrote:Kernel 4.8 has been end of life for a while now, so I'd change it now, and then update again on the 9th.
So I have downloaded 4.4.0.104 but I don't seem to be able to get into GRUB to change from 4.8.
Holding down SHIFT when booting doesn't show a menu as described in other posts.
Press the SHIFT key directly after the BIOS screen disappears and keep it pressed.

Alternatively, you might set the timeout of Grub to 5 seconds or something, and even change its default invisibility into visibility. But all that's more cumbersome.

By the way: the redeeming update should already be in Proposed since the day before yesterday:
https://wiki.ubuntu.com/SecurityTeam/Kn ... ndMeltdown

Its version numbers are: 4.4.0-108.131 and 4.13.0-25.29. No mention of 4.10.x or 4.11.x.
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 8:26 am

Thanks.
I managed to get into GRUB and booted into the 4.4 kernel but whenever I reboot I have to select it.
Do I need to delete the 4.8 version altogerther?

User avatar
Pjotr
Level 19
Level 19
Posts: 9670
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by Pjotr » Tue Jan 09, 2018 8:29 am

norm.h wrote:Thanks.
I managed to get into GRUB and booted into the 4.4 kernel but whenever I reboot I have to select it.
Do I need to delete the 4.8 version altogerther?
Yes.
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 8:40 am

Done - thanks

But when I reboot it still tries to load the old kernel and tells me I have load it first, and I have to select the 4.4 version from GRUB.

My settings are

Code: Select all

GRUB_DEFAULT=0
GRUB_HIDDEN_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=10
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
GRUB_CMDLINE_LINUX=""
I followed the instructions here: http://lnxgoat.com/2016/06/17/making-mi ... he-kernel/

How do I get back to a clean boot without having to go through all this selection process?
What did I do wrong please?
Trying dismally to understand..............

norm.h
Level 4
Level 4
Posts: 439
Joined: Tue Mar 23, 2010 11:45 am
Location: Oxfordshire, UK

Re: fixing Linux Mint 18.3 for Meltdown and Spectre

Post by norm.h » Tue Jan 09, 2018 9:21 am

Further to this..........
I checked in Update Manager for installed kernels and found that 4.8 was still installed.
Clicked REMOVE and the remove process gave me this error.

Code: Select all

E: linux-image-extra-4.8.0-53-generic: subprocess installed post-removal script returned error exit status 1
E: linux-image-4.8.0-53-generic: subprocess installed post-removal script returned error exit status 1
Checking in Synaptic to see if 4.8 had been uninstalled I found 2 entries in Red [Linux kernel image for version 4.8.0 on 64 bit x86 SMP & Linux kernel extra modules for version 4.8.0 on 64 bit x86 SMP ] had not been removed.
Could this be the problem?
Last edited by norm.h on Tue Jan 09, 2018 9:55 am, edited 2 times in total.

Post Reply

Return to “Chat about Linux Mint”