duylam/patch-meltdown-n-spectre.md

Last active January 27, 2018 10:02

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/duylam/828324ac95402031ae3570c5b8d78254.js"></script>
Save duylam/828324ac95402031ae3570c5b8d78254 to your computer and use it in GitHub Desktop.

Download ZIP

Detail steps to patch meltdown and spectre issues on EC2 Ubuntu server

Raw

patch-meltdown-n-spectre.md

1. Verify the issue occurs on server, see detail

git clone https://github.com/speed47/spectre-meltdown-checker.git ~/tmp/spectre-meltdown-checker
cd ~/tmp/spectre-meltdown-checker/ && sudo ./spectre-meltdown-checker.sh

Make sure to save the result to file for verifying after patching

2. 02 ways of patching

2a. Upgrade the OS, see here

2b. Upgrade kernel only

Update apt: sudo apt-get update
See detail which kernel package to patch per Ubuntu version at here
Check the kernel package name on server with COLUMNS=120 dpkg -l linux-image*
Sample (for reference only) install command to patch the kernel on Ubuntu 14.0 sudo apt-get install linux-image-3.13.0-141-generic
And then reboot server, run check script again to verify

Ubuntu Updates for the Meltdown / Spectre Vulnerabilities

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment