Debian Security Advisory DSA 4082-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. This specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack. This solution might have a performance impact, and can be disabled at boot time by passing pti=off to the kernel command line. Description truncated. Please see the references for more information.

linux on Debian Linux

This check tests the installed software version using the apt package manager.

For the oldstable distribution (jessie), these problems have been fixed in version 3.16.51-3+deb8u1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page linked in the references.