You may have heard about Meltdown, an exploit that can be used against modern processors (CPUs) to maliciously gain access to sensitive data in memory. This vulnerability is serious, and can expose your secret data such as passwords. Here’s how to protect your Fedora system against the attack.
Guarding against Meltdown
New kernel packages contain fixes for Fedora 26 and 27 (kernel version 4.14.11), as well as Rawhide (kernel 4.15 release candidate). The maintainers have submitted updates to the stable repos. They should show up within a day or so for most users.
To update your Fedora system, use this command once you configure sudo. Type your password at the prompt, if necessary.
sudo dnf --refresh update kernel
Fedora provides worldwide mirrors at many download sites to better serve users. Some sites refresh their mirrors at different rates. If you don’t get an update right away, wait until later in the day.
If your system is on Rawhide, run sudo dnf update to get the update.
Then reboot your system to use the latest kernel.
Fedora Atomic Host
The fixes for Fedora Atomic Host are in ostree version 27.47. To get the update, run this command:
atomic host upgrade
Then reboot your system. You can read more details on the Project Atomic blog.
A note on Spectre
Spectre is the common name for another serious vulnerability that exploits both processor and software design to maliciously expose secret data. Work is ongoing by upstream developers, vendors, and researchers to mitigate this vulnerability. The Fedora team will continue to monitor their progress and notify the public about updates as they become available.