Canonical Apologizes for Ubuntu 14.04 LTS Linux Kernel Regression, Releases Fix

Last week, Canonical released new kernel security updates for all supported Ubuntu Linux releases to address the recently disclosed L1 Terminal Fault (L1TF) vulnerabilities CVE-2018-3620 and CVE-2018-3646.

The kernel security update addressed both the L1 Terminal Fault vulnerabilities, as well as two other security flaws (CVE-2018-5390 and CVE-2018-5391) discovered by Juha-Matti Tilli in Linux kernel's TCP and IP implementations, which could allow remote attackers to cause a denial of service.

Unfortunately, on Ubuntu 14.04 LTS (Trusty Tahr) systems, users reported that the mitigations also introduced a regression in the Linux kernel packages, which could cause kernel panics for some users that booted the OS in certain desktop environments.

The regression also appears to have prevented Java applications from starting... (read more)