This bug was fixed in the package linux - 3.13.0-145.194
---------------
linux (3.13.0-145.194) trusty; urgency=medium
* linux: 3.13.0-145.194 -proposed tracker (LP: #1761430)
* intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
- Revert "UBUNTU: SAUCE: x86/mm: Only set IBPB when the new thread cannot
ptrace current thread"
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch
* DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
- [Packaging] include the retpoline extractor in the headers
* retpoline hints: primary infrastructure and initial hints (LP: #1758856)
- [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on
32bit
- x86/paravirt, objtool: Annotate indirect calls
- x86/asm: Stop depending on ptrace.h in alternative.h
- [Packaging] retpoline -- add safe usage hint support
- [Packaging] retpoline-check -- only report additions
- [Packaging] retpoline -- widen indirect call/jmp detection
- [Packaging] retpoline -- elide %rip relative indirections
- [Packaging] retpoline -- clear hint information from packages
- SAUCE: modpost: add discard to non-allocatable whitelist
- KVM: x86: Make indirect calls in emulator speculation safe
- KVM: VMX: Make indirect call speculation safe
- x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
- SAUCE: early/late -- annotate indirect calls in early/late initialisation
code
- SAUCE: vga_set_mode -- avoid jump tables
- [Config] retpoline -- switch to new format
- [Packaging] retpoline hints -- handle missing files when RETPOLINE not
enabled
- [Packaging] final-checks -- remove check for empty retpoline files
* retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
- [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
* Boot crash with Trusty 3.13 (LP: #1757193)
- Revert "UBUNTU: SAUCE: x86, extable: fix uaccess fixup detection"
- x86/mm: Expand the exception table logic to allow new handling options
* Segmentation fault in ldt_gdt_64 (LP: #1755817) // CVE-2017-5754
- x86/kvm: Rename VMX's segment access rights defines
- x86/signal/64: Fix SS if needed when delivering a 64-bit signal
-- Kleber Sacilotto de Souza <kleber.so...@canonical.com> Thu, 05 Apr
2018 16:26:39 +0200
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** Changed in: linux (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1759920
Title:
intel-microcode 3.20180312.0 causes lockup at login screen
Status in intel-microcode package in Ubuntu:
Invalid
Status in linux package in Ubuntu:
Invalid
Status in intel-microcode source package in Trusty:
Invalid
Status in linux source package in Trusty:
Fix Released
Status in intel-microcode source package in Xenial:
Invalid
Status in linux source package in Xenial:
Fix Released
Status in intel-microcode source package in Artful:
Invalid
Status in linux source package in Artful:
Fix Committed
Bug description:
[Impact]
* Some systems experience kernel lockups after updating to the latest
intel-microcode
package or when receiving updated microcode from a BIOS update.
* In many cases, the lockups occur before users can reach the login screen
which makes
it very difficult to debug/workaround.
[Test Case]
* The most reliable test case currently known is to install the sssd
package. Lockups
may occur during package installation (disable IBPB by writing 0 to
/proc/sys/kernel/ibpb_enabled to prevent this from happening). A lockup
will most
likely occur just after booting the system up as the lock screen is
displayed.
[Regression Potential]
* The fix is in the task switching code of the kernel so complexity of the
change is
relatively high.
[Original Report]
I don't know if this is a problem with the kernel or the microcode,
but we have a significant number of computers in our organization (on
both 16.04 and 17.10) that fail if they have both updated. Booting
with either linux-image-4.13.0-36-generic or intel-microcode
3.20180108.0+really20170707ubuntu17.10.1 allows all these computers to
boot.
## Workaround ##
1. Boot the system with the dis_ucode_ldr kernel boot parameter to temporary
avoid the problem:
https://wiki.ubuntu.com/Kernel/KernelBootParameters
2. Install the previous version of package from
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+build/14261530/+files/intel-microcode_3.20180108.0+really20170707ubuntu16.04.1_amd64.deb
3. (Optional) Hold the package so that it won't be upgraded accidentally
sudo apt-mark hold intel-microcode
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1759920/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
