In a recent security advisory, Salvatore Bonaccorso writes that the last Linux kernel update released for Debian GNU/Linux 9 “Stretch” to mitigate the L1 Terminal Fault (L1TF) security vulnerabilities is causing boot failures for users on the ARM architecture.
Also known as Foreshadow, these security vulnerabilities are similar to the Spectre security vulnerabilities and allow an attacker that has access to an unprivileged process to read the memory from arbitrary addresses that aren’t controlled by users, including from the kernel.
To mitigate the two L1TF security vulnerabilities (CVE-2018-3620 and CVE-2018-3646), users had to update their kernels to version 4.9.110-3+deb9u3 and also install the latest processors microcode firmware update from the Debian non-free repositories.
If you’re using Debian GNU/Linux 9 “Stretch” on an ARM machine, and you updated the kernel package to the version mentioned above, you might have experienced boot failures. Therefore, a patch is now available to fix this regression via a new Linux kernel update.
To fix the regression on your ARM systems running Debian GNU/Linux 9 “Stretch,” you must update the kernel to version 4.9.110-3+deb9u4. Make sure you reboot your machine after installing the new Linux kernel version in your system.
Submitted by: Arnfried Walbrecht