SUSE Addresses Meltdown and Spectre Vulnerabilities

Yesterday the security community and a number of IT vendors announced the existence of several hardware security vulnerabilities that allow potential exploits across a range of hardware architectures and operating systems including but not limited to Linux.

https://meltdownattack.com/

SUSE engineers have been collaborating with our partners and the Linux community on upstream Linux kernel patches. As a result of that collaboration, we are now able to release patches for most recent SUSE Linux Enterprise (SLE) versions. Additional patches for other SLE versions and environments will follow shortly.

Up to date information on all the patches available will be continually posted here on this Technical Information Document page.

Additional details on specific vulnerabilities will be posted here in CVE reports:

https://www.suse.com/security/cve/CVE-2017-5753/

https://www.suse.com/security/cve/CVE-2017-5715/

https://www.suse.com/security/cve/CVE-2017-5754/

Due to the nature of this issue, applying the maintenance updates will require a reboot of the operating system.

As research on these issues continues across the industry, additional optimizations and information may emerge and we will provide continually updated details here in this blog and on the pages referenced above.

We would like to thank all those in the upstream Linux Kernel Community whose passion, dedication and collaboration were critical to addressing these issues.

For further details, please contact your SUSE support representative.