This bug was fixed in the package linux - 3.13.0-139.188 --------------- linux (3.13.0-139.188) trusty; urgency=low * linux: 3.13.0-139.188 -proposed tracker (LP: #1741609) * CVE-2017-5754 - perf/x86: Correctly use FEATURE_PDCM - arch: Introduce smp_load_acquire(), smp_store_release() - mm, x86: Account for TLB flushes only when debugging - x86/mm: Clean up inconsistencies when flushing TLB ranges - x86/mm: Eliminate redundant page table walk during TLB range flushing - mm, x86: Revisit tlb_flushall_shift tuning for page flushes except on IvyBridge - x86/mm: Clean up the TLB flushing code - x86/mm: Rip out complicated, out-of-date, buggy TLB flushing - x86/mm: Fix missed global TLB flush stat - x86/mm: New tunable for single vs full TLB flush - x86/mm: Set TLB flush tunable to sane value (33) - x86/mm: Fix sparse 'tlb_single_page_flush_ceiling' warning and make the variable read-mostly - rcu: Provide counterpart to rcu_dereference() for non-RCU situations - rcu: Move lockless_dereference() out of rcupdate.h - x86/ldt: Make modify_ldt synchronous - x86/ldt: Correct LDT access in single stepping logic - x86/ldt: Correct FPU emulation access to LDT - x86/ldt: Further fix FPU emulation - x86/mm: Disable preemption during CR3 read+write - x86: Clean up cr4 manipulation - x86/mm: Add INVPCID helpers - x86/mm: Fix INVPCID asm constraint - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID - x86/mm: If INVPCID is available, use it to flush global mappings - mm/mmu_context, sched/core: Fix mmu_context.h assumption - sched/core: Add switch_mm_irqs_off() and use it in the scheduler - x86/mm: Build arch/x86/mm/tlb.c even on !SMP - x86/mm, sched/core: Uninline switch_mm() - x86/mm, sched/core: Turn off IRQs in switch_mm() - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() - x86/irq: Do not substract irq_tlb_count from irq_call_count - x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() - x86/mm: Remove flush_tlb() and flush_tlb_current_task() - x86/mm: Make flush_tlb_mm_range() more predictable - x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code - x86/mm: Disable PCID on 32-bit kernels - x86/mm: Add the 'nopcid' boot option to turn off PCID - x86/mm: Enable CR4.PCIDE on supported systems - x86/mm/64: Fix reboot interaction with CR4.PCIDE - KAISER: Kernel Address Isolation - x86/mm/kaiser: re-enable vsyscalls - kaiser: user_map __kprobes_text too - kaiser: alloc_ldt_struct() use get_zeroed_page() - x86/alternatives: Cleanup DPRINTK macro - x86/alternatives: Add instruction padding - x86/alternatives: Make JMPs more robust - x86/alternatives: Use optimized NOPs for padding - kaiser: add "nokaiser" boot option, using ALTERNATIVE - x86, boot: Carve out early cmdline parsing function - x86/boot: Fix early command-line parsing when matching at end - x86/boot: Fix early command-line parsing when partial word matches - x86/boot: Simplify early command line parsing - x86/boot: Pass in size to early cmdline parsing - x86/boot: Add early cmdline parsing for options with arguments - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling - x86/kaiser: Check boottime cmdline params - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush - kaiser: asm/tlbflush.h handle noPGE at lower level - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID - x86/paravirt: Dont patch flush_tlb_single - x86/kaiser: Reenable PARAVIRT - kaiser: disabled on Xen PV - x86/kaiser: Move feature detection up - KPTI: Rename to PAGE_TABLE_ISOLATION - KPTI: Report when enabled - kvmclock: export kvmclock clocksource and data pointers - x86/mm/kaiser: remove paravirt clock warning - kaiser: x86: Fix NMI handling - [Config] updateconfigs - enable PAGE_TABLE_ISOLATION -- Kleber Sacilotto de Souza