Security Update News
Update Information
| Title | Ubuntu Disables Spectre/Meltdown Protections |
|---|---|
| Update ID | SCHNEIER:9BF526CF14AB79F193BA90639A8F3313 |
| Type | schneier |
| Published | 2025-07-02T11:02:22 |
| Last Updated | 2025-07-01T16:23:54 |
Security Impact
| Severity | NONE |
|---|---|
AI Analysis
| AI Description | Ubuntu has disabled Spectre and Meltdown protections, citing a significant performance boost and the difficulty of executing such attacks. This decision follows discussions between Intel and Canonical’s security teams, who agree that the security impact no longer justifies the performance trade-off. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Canonical |
| AI Product | Ubuntu |
| AI Version | various |
Update Details
Now, people are rethinking the trade-off. Ubuntu has disabled some protections, resulting in a 20% performance boost.
> After discussion between Intel and Canonical’s security teams, we are in agreement that Spectre no longer needs to be mitigated for the GPU at the Compute Runtime level. At this point, Spectre has been mitigated in the kernel, and a clear warning from the Compute Runtime build serves as a notification for those running modified kernels without those patches. For these reasons, we feel that Spectre mitigations in Compute Runtime no longer offer enough security impact to justify the current performance tradeoff.
I agree with this trade-off. These attacks are hard to get working, and it’s not easy to exfiltrate useful data. There are way easier ways to attack systems.
News article.