Slashdot Mirror


Meltdown and Spectre Patches Bricking Ubuntu 16.04 Computers (bleepingcomputer.com)

An anonymous reader writes: Ubuntu Xenial 16.04 users who updated to receive the Meltdown and Spectre patches are reporting they are unable to boot their systems and have been forced to roll back to an earlier Linux kernel image. The issues were reported by a large number of users on the Ubuntu forums and Ubuntu's Launchpad bug tracker. Only Ubuntu users running the Xenial 16.04 series appear to be affected.

All users who reported issues said they were unable to boot after upgrading to Ubuntu 16.04 with kernel image 4.4.0-108. Canonical, the company behind Ubuntu OS, deployed Linux kernel image 4.4.0-108 as part of a security update for Ubuntu Xenial 16.04 users, yesterday, on January 9. According to Ubuntu Security Notice USN-3522-1 and an Ubuntu Wiki page, this was the update that delivered the Meltdown and Spectre patches.

16 of 233 comments

  1. Baby out with the bathwater by Lab Rat Jason · · Score: 5, Insightful

    It seems that these companies (Microsoft and Ubuntu and others) are forgetting everything about sound software development practices here. They're in such a hurry to deploy patches that they aren't taking the time to fully test them. The cure is worse than the ailment.

    --
    Which has more power: the hammer, or the anvil?
    1. Re:Baby out with the bathwater by king neckbeard · · Score: 5, Insightful

      To be fair, there is a major security flaw covering the majority of desktop CPUs sold over the last two decades. You are correct that they have not done proper testing, but this is on a ridiculous scale.

      --
      This is my signature. There are many like it, but this one is mine.
    2. Re:Baby out with the bathwater by Merk42 · · Score: 5, Funny

      "You know what's pushing this on the average Joe? DRM. Microsoft can't let those DRM keys leak... and now that the flaw is known, that's exactly what *could* happen. This isn't about user's data falling into evil-hacker's hands..."

      Ah Slashdot, where a vulnerability from Intel and a bad patch from Canonical, is still, somehow, Microsoft's fault.

  2. Bricked!!?!?! Oh wow! by Anonymous Coward · · Score: 5, Insightful

    "have been forced to roll back to an earlier Linux kernel image."

    So, not actually bricked then...

    WORDS MEAN THINGS!

    1. Re:Bricked!!?!?! Oh wow! by AvitarX · · Score: 5, Interesting

      Doesn't this just mean pressing down in grub once, then setting it to use that kernel by default?

      This is barely even a slight annoyance.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    2. Re:Bricked!!?!?! Oh wow! by El_Muerte_TDS · · Score: 5, Funny

      It's 2018, we have SmartBricks now. You can change the software of your SmartBricks.

    3. Re:Bricked!!?!?! Oh wow! by ThanatosMinor · · Score: 5, Funny

      Article title updated because we used the term "bricking" incorrectly. Bleeping Computer regrets the error.

      We apologise for the fault in the title. Those responsible have been sacked.

    4. Re:Bricked!!?!?! Oh wow! by GameboyRMH · · Score: 5, Insightful

      I would say that if a software hack, or even a simple hardware hack with common tools can fix it, it's not bricked. If you have to get out a JTAG adapter, then it's bricked.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    5. Re:Bricked!!?!?! Oh wow! by religionofpeas · · Score: 5, Funny

      "We apologise for the fault in the title. Those responsible have been sacked."

      You mean, they've been bricked.

    6. Re:Bricked!!?!?! Oh wow! by k.a.f. · · Score: 5, Informative

      Close, but no cigar. When you have to throw the device away, then it's bricked.

  3. Ultimate security by OrangeTide · · Score: 5, Funny

    Let those hackers try and get into my system now!

    --
    “Common sense is not so common.” — Voltaire
  4. Already fixed... by Anonymous Coward · · Score: 5, Informative

    Kernel 4.4.0-109, which fixes this problem, has already been pushed out.
    Apparently, the PTI fix was not quite backported correctly.
    For details, see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1741934
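A check for the state described in this comment, as an added example that is not part of the original thread: it classifies an Ubuntu 16.04 host by the 4.4.0-108 and 4.4.0-109 builds named here. The function names, verdict strings and sample kernel lists are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify an Ubuntu 16.04 host by the kernel builds named in this thread.
BAD_ABI=108     # 4.4.0-108: the update reported as failing to boot
FIXED_ABI=109   # 4.4.0-109: the build reported as fixing it

# Print the ABI number of a "4.4.0-<abi>[-flavour]" string, or nothing.
abi_of() {
    case "$1" in 4.4.0-[0-9]*) ;; *) return 0 ;; esac
    n=${1#4.4.0-}; n=${n%%-*}
    case "$n" in *[!0-9]*) ;; *) printf '%s\n' "$n" ;; esac
}

# assess_kernels RUNNING "INSTALLED ..." -> verdict on stdout
assess_kernels() {
    running_abi=$(abi_of "$1")
    has_bad=no; has_fixed=no; fallback=
    for k in $1 $2; do            # the running kernel counts as installed
        abi=$(abi_of "$k")
        [ -n "$abi" ] || continue
        if [ "$abi" -eq "$BAD_ABI" ]; then has_bad=yes
        elif [ "$abi" -ge "$FIXED_ABI" ]; then has_fixed=yes
        elif [ -z "$fallback" ] || [ "$abi" -gt "$(abi_of "$fallback")" ]; then
            fallback=$k           # newest build older than the bad one
        fi
    done
    if [ -z "$running_abi" ]; then echo not-applicable
    elif [ "$has_fixed" = yes ] && [ "$running_abi" -ge "$FIXED_ABI" ]; then echo ok
    elif [ "$has_fixed" = yes ]; then echo reboot-into-fixed
    elif [ "$has_bad" = yes ]; then echo "upgrade-needed fallback=${fallback:-none}"
    else echo pre-patch           # no build carrying the patches is installed
    fi
}

# Constructed sample: a host rolled back to -104 with -108 still installed.
assess_kernels 4.4.0-104-generic "4.4.0-104-generic 4.4.0-108-generic"

# Live use on the host itself: run with --live to read uname and dpkg.
if [ "${1:-}" = "--live" ]; then
    installed=$(dpkg-query -W -f='${Status} ${Package}\n' 'linux-image-4.4.0-*' \
        2>/dev/null | sed -n 's/^install ok installed linux-image-//p')
    assess_kernels "$(uname -r)" "$installed"
fi
```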

  5. It is *NOT* bricking! by Qbertino · · Score: 5, Insightful

    Bricking is the equivalent of applying a killpoke. A software action that makes the hardware henceforth unusable.

    This just screws up the kernel and requires you to set up a fresh one, perhaps reinstalling the core system. On Linux this is usually nothing more than a minor annoyance.

    Again: it's not bricking. Bricking is when a software update or piece of code renders my smartphone no more useful than a brick and irreversibly so.

    Stop using the word just because it's new and describes something significant. It doesn't make your news more interesting, it makes your news false.

    Thank you.

    --
    We suffer more in our imagination than in reality. - Seneca
  6. Not bricked #2305473 by Fly Swatter · · Score: 5, Informative

    Press down arrow at boot menu screen.

  7. Failed reboot is not "bricking" by Antique Geekmeister · · Score: 5, Informative

    Failing to use a particular new kernel is not "bricking". Bricking, as commonly used, means the physical hardware is unrecoverable and needs to be replaced. Recovering a failed Ubuntu kernel means being able to select a different kernel to boot with. This means console access or access to the disk image. These are problematic and can disable production servers. But it's much less destructive than ruining the physical hardware.

  8. Re:A web page can now own your system by scdeimos · · Score: 5, Informative

    "Meltdown cannot be exploited using Javascript."

    Yes it can, even WebKit says so...

    "Meltdown means that userland code, such as JavaScript running in a web browser, can read kernel memory. Not all CPUs are affected by Meltdown and Meltdown is being mitigated by operating system changes. Mounting a Meltdown attack via JavaScript running in WebKit requires first bypassing branch-based security checks, like in the case of a Spectre attack. Therefore, Spectre mitigations that fix the branch problem also prevent an attacker from using WebKit as the starting point for Meltdown."

    REF: https://webkit.org/blog/8048/w...

    Most browser vendors are implementing many changes to mitigate Meltdown and Spectre, including things like reducing the precision of high-fidelity timers from 5us to 20us +/- 20us, disabling SharedArrayBuffers and recompiling with Spectre-aware compilers.