Chromium OS‎ > ‎

Meltdown/Spectre vulnerability status for Chrome OS devices

This page details status for Chrome OS devices regarding the Meltdown and Spectre vulnerabilities, also known as "speculative execution vulnerabilities" described by Google Project Zero.

(Previously located at https://www.chromium.org/chrome-os-devices-and-kernel-versions.)

Meltdown

Google has been working on updates that contain the Kernel Page Table Isolation (KPTI) mitigation for Meltdown. ARM Chrome OS devices are not affected by Meltdown. Most Intel devices received KPTI with M63. All Intel devices have received KPTI with M66, and therefore all Intel Chrome OS devices are now protected against Meltdown.

(2018-May-22: Updated to note that all Intel devices are now protected against Meltdown.)

Variant 3 (CVE-2017-5754)

The following subsections indicate the vulnerability status of Chrome OS hardware for Variant 3 (CVE-2017-5754), which is also referred to as Meltdown.

Protection against Variant 3

These devices have received the KPTI / KAISER patch in Chrome OS 63 and are protected against Meltdown:


Marketing name

Public codename

Dell Chromebook 13 3380

asuka

Acer Chromebook 15 (CB3-532)

banon

Samsung Chromebook Pro

caroline

ASUS Chromebook Flip C302

cave

Samsung Chromebook 3

celes

HP Chromebook 13 G1

chell

Acer Chromebook R11 (CB5-132T / C738T)

cyan

Chromebook 14 (CB3-431)

edgar

Chromebook 11 Model 3180

kefka

Chromebook 14 for work (CP5-471)

lars

Acer Chromebook 11 (C771, C771T)

lili

HP Chromebook 11 G5 EE

locke

Lenovo N23 Chromebook

reks

Lenovo N23 Chromebook (Touch)

reks

Lenovo N42 (Touch) Chromebook

reks

Lenovo N22 (Touch) Chromebook

reks

Mecer V2 Chromebook

relm

Edxis Education Chromebook

relm

CTL NL61 Chromebook

relm

Dell Chromebook 11 3189

sabin

Thinkpad 13 Chromebook

sentry

HP Chromebook 11 G5 / HP Chromebook 11-vxxx

setzer

ASUS Chromebook C202SA

terra

ASUS Chromebook C300SA/C301SA

terra13

Acer Chromebook 11 N7 (C731)

tifa

ThinkPad 11e Chromebook 3rd Gen (Yoga/Clamshell)

ultima

Multilaser M11C Chromebook

wizpig

Viglen Chromebook 360

wizpig

PCMerge Chromebook PCM-116T-432B

wizpig

Edugear CMT Chromebook

wizpig

CTL J5 Chromebook

wizpig

Prowise ProLine Chromebook

wizpig

Haier Convertible Chromebook 11 C

wizpig

Acer Chromebook 15 (CB3-531)

banjo

ASUS Chromebook C213NA

basking

Dell Chromebook 11 (3120)

candy

Lenovo N20 Chromebook

clapper

Acer Chromebook Spin 11 (R751T)

electro

JP Sa Couto Chromebook

enguarde

ASI Chromebook

enguarde

eduGear Chromebook R

enguarde

Videonet Chromebook

enguarde

True IDC Chromebook

enguarde

Crambo Chromebook

enguarde

RGS Education Chromebook

enguarde

Edxis Education Chromebook

enguarde

Senkatel C1101 Chromebook

enguarde

M&A Chromebook

enguarde

CTL N6 Education Chromebook

enguarde

Education Chromebook

enguarde

Google Pixelbook

eve

Edxis Chromebook

expresso

Bobicus Chromebook 11

expresso

HEXA Chromebook Pi

expresso

Consumer Chromebook

expresso

Lenovo ThinkPad 11e Chromebook

glimmer

Acer Chromebook 11 (C730 / C730E)

gnawty

Chromebook 11 (C735)

gnawty+

Haier Chromebook 11 G2

heli

Lenovo N21 Chromebook

hoofer

HP Chromebook 11 2100-2199 / HP Chromebook 11 G3

kip

HP Chromebook 11 2200-2299 / HP Chromebook 11 G4 / G4 EE

kip

HP Chromebook 14 ak000-099 / HP Chromebook 14 G4

kip14

AOpen Chromebox Commercial

ninja

Lenovo 100S Chromebook

orco

Lenovo Thinkpad 11e Chromebook (4th Gen) / Lenovo Thinkpad Yoga 11e Chromebook (4th Gen)

pyro

ASUS Chromebook C300MA

quawks

Chromebook 15 CB515-1HT/1H

sand

HP Chromebook x360 11 G1 EE

snappy

ASUS Chromebook C200MA

squawks

AOpen Chromebase Commercial

sumo

Toshiba Chromebook 2

swanky

Samsung Chromebook 2 11 - XE500C12

winky

Older Intel devices

These devices with kernel 3.14 have received the KPTI / KAISER patch in Chrome OS 65 and are protected against Meltdown:

Marketing name

Public codename

Acer Chromebase 24

buddy

Toshiba Chromebook 2 (2015 Edition)

gandof

ASUS Chromebox CN62

guado

Dell Chromebook 13 7310

lulu

Acer Chromebook 11 (C740)

paine

Acer Chromebox CXI2

rikku

Google Chromebook Pixel (2015)

samus

Lenovo ThinkCentre Chromebox

tidus

Acer Chromebook 15 (CB5-571)

yuna

These devices with kernel 3.8 have received the KPTI / KAISER patch in Chrome OS 66 and are protected against Meltdown:

Marketing name

Public codename

HP Pavilion Chromebook 14

butterfly

HP Chromebook 14

falco

Toshiba Chromebook

leon

Google Chromebook Pixel

link

Acer Chromebox

mccloud

LG Chromebase 22CB25S

monroe

LG Chromebase 22CV241

monroe

ASUS Chromebox CN60

panther

Acer C720 Chromebook

peppy

Lenovo Thinkpad X131e Chromebook

stout

Samsung Chromebox Series 3

stumpy

Dell Chromebox

tricky

Dell Chromebook 11

wolf

HP Chromebox CB1-(000-099) / HP Chromebox G1 / HP Chomebox for Meetings

zako

ARM devices

ARM Chrome OS devices are not affected by Meltdown. This applies to the following devices:

Marketing name

Public codename

Poin2 Chromebook 14

birch

Acer Chromebook R13 (CB5-312T)

elm

Lenovo N23 Yoga/Flex 11 Chromebook

hana

Poin2 Chromebook 11C

hanawl

ASUS Chromebook Flip C101PA

bob

Samsung Chromebook Plus

kevin

Samsung Chromebook 2 13"

pi

Samsung Chromebook 2 11"

pit

HP Chromebook 11 2000-2099 / HP Chromebook 11 G2

skate

Samsung Chromebook

snow

HP Chromebook 11 1100-1199 / HP Chromebook 11 G1

spring

Acer Chromebook 13 (CB5-311)

big

HP Chromebook 14 x000-x999 / HP Chromebook 14 G3

blaze

Acer Chromebase

kitty

AOpen Chromebox Mini

fievel

Medion Akoya S2013

jaq

True IDC Chromebook 11

jaq

Xolo Chromebook

jaq

Haier Chromebook 11

jaq

VideoNet Chromebook BL10

jerry

Mecer Chromebook

jerry

Positivo Chromebook CH1190

jerry

Epik 11.6" Chromebook ELB1101

jerry

NComputing Chromebook CX100/110

jerry

eduGear Chromebook K Series

jerry

CTL J2 / J4 Chromebook for Education

jerry

HiSense Chromebook 11

jerry

Poin2 Chromebook 11

jerry

ASUS Chromebit CS10

mickey

Prowise 11.6" Entry Line Chromebook

mighty

MEDION Chromebook S2015

mighty

Chromebook PCM-116E

mighty

Lumos Education Chromebook

mighty

Viglen Chromebook 11

mighty

Sector 5 E1 Rugged Chromebook

mighty

eduGear Chromebook M Series

mighty

Nexian Chromebook 11.6-inch

mighty

Haier Chromebook 11e

mighty

ASUS Chromebook Flip C100PA

minnie

ASUS Chromebook C201PA

speedy

AOpen Chromebase Mini

tiger

Spectre

The following subsections indicate Chrome OS status with respect to the Spectre vulnerability (also referred to as "Variant 1" and "Variant 2" in the Project Zero blog post). Spectre potentially allows access to data held in other processor execution contexts. The victim execution context (kernel or process) must have certain code patterns in their address space.

Variant 1 (CVE-2017-5753)

The Linux kernel has a feature called eBPF that is used to run untrusted code. The Project Zero blog post describes how this can be abused by attackers to generate vulnerable code patterns in the kernel. However, Chrome OS disables eBPF in its kernels and therefore is not exposed to Spectre Variant 1 via eBPF. Additional Spectre variant 1 mitigations available in the Chrome browser are described here.

Variant 2 (CVE-2017-5715)

The Project Zero blog post describes how virtualization can be used to exploit Spectre Variant 2. Chrome OS devices that ship Linux VMs contain mitigations for Spectre variant 2.

(2018-Oct-05: Updated to reflect usage of virtualization features on Chrome OS; fixes for ARM devices on kernel 3.18.)

Intel devices

On Intel devices we’ve deployed the Retpoline compiler-based mitigation for all Chrome OS kernels, starting with Chrome OS 65. This mitigation prevents kernel-to-user, guest-to-guest, and host-to-guest information leaks using Spectre variant 2.

ARM devices

On ARM devices we’ve started integrating firmware and kernel patches supplied by ARM. ARM devices will receive updated firmware and kernels before they enable virtualization features.

Some ARM devices on 4.4 kernels received Spectre variant 2 fixes with Chrome OS 67. These fixes were later discovered to be incomplete and updated with Chrome OS 70:

Marketing namePublic codename
 ASUS Chromebook Flip C101PA bob
Samsung Chromebook Pluskevin

Some ARM devices on 3.18 kernels will receive Spectre variant 2 fixes with Chrome OS 71:

Marketing namePublic codename
Acer Chromebook R13 (CB5-312T)elm
Poin2 Chromebook 14birch
Poin2 Chromebook 11Chana
Lenovo 300e/N23 Yoga/Flex 11 Chromebookhana

Speculative store buffer bypass (variant 4)

Vulnerability description

Following on their Meltdown and Spectre research, Google's Project Zero disclosed a fourth variant of their speculative execution attacks, Speculative store buffer bypass (CVE-2018-3639). On Chrome OS this variant affects the Chrome browser and is also mitigated by Site Isolation.

Chrome OS response

Chrome OS 67 enables Site Isolation by default across the Chrome OS fleet. Chrome OS 67 will be released on the stable channel around June 5, 2018. Site isolation may increase memory use by approximately 10%. For more information on Site isolation, including how to enable it manually, see the Chrome Help article.

Affected devices

Intel devices with Core processors, or Apollo Lake Atom processors, are affected by this variant. ARM devices with MTK8173 processors, or RK3399 processors, are affected by this variant. The cpu line in the chrome:system page will show what CPU the device has.

The following list covers affected devices that will be mitigated in Chrome OS 67:


Marketing name Public codename Platform
HP Chromebook 11 G6 EE alan Apollo Lake
Acer Chromebook 11 (C732, C732T, C732L & C732LT) astronaut Apollo Lake
Dell Chromebook 13 3380 asuka Skylake-U
ASUS Chromebook C213NA basking Apollo Lake
HP Chromebook 14 G5 bigdaddy Apollo Lake
Poin2 Chromebook 14 birch MTK8173
ASUS Chromebook Flip C101PA bob RK3399
Acer Chromebase 24 buddy Broadwell
Samsung Chromebook Pro caroline Skylake-Y
ASUS Chromebook Flip C302 cave Skylake-Y
HP Chromebook 13 G1 chell Skylake-Y
Acer Chromebook Spin 11 (R751T) electro Apollo Lake
Acer Chromebook R13 (CB5-312T) elm MTK8173
Google Pixelbook eve Kabylake-Y
HP Chromebook 14 falco Haswell
Toshiba Chromebook 2 (2015 Edition) gandof Broadwell
ASUS Chromebox CN62 guado Broadwell
Lenovo 300e/N23 Yoga/Flex 11 Chromebook hana MTK8173
Poin2 Chromebook 11C hana MTK8173
Samsung Chromebook Plus kevin RK3399
Chromebook 14 for work (CP5-471) lars Skylake-U
Acer Chromebook Spin 11 (CP311-1H & CP311-1HN) lava Apollo Lake
Toshiba Chromebook leon Haswell
Acer Chromebook 11 (C771, C771T) lili Skylake-U
Google Chromebook Pixel link Ivy Bridge
Dell Chromebook 13 7310 lulu Broadwell
Acer Chromebox mccloud Haswell
LG Chromebase 22CV241 monroe Haswell
LG Chromebase 22CB25S monroe Haswell
Dell Chromebook 11 5190 nasher Apollo Lake
Dell Chromebook 11 2-in-1 5190 nasher360 Apollo Lake
Acer Chromebook 11 (C740) paine Broadwell
ASUS Chromebox CN60 panther Haswell
Acer C720 Chromebook peppy Haswell
Lenovo Thinkpad 11e Chromebook (4th Gen)
Lenovo Thinkpad Yoga 11e Chromebook (4th Gen)		 pyro Apollo Lake
Acer Chromebox CXI2 rikku Broadwell
Lenovo 100e Chromebook robo Apollo Lake
Lenovo 500e Chromebook robo360 Apollo Lake
Google Chromebook Pixel (2015) samus Broadwell
Chromebook 15 CB515-1HT/1H sand Apollo Lake
Acer Chromebook 11 (CB311-8H & CB311-8HT) santa Apollo Lake
Thinkpad 13 Chromebook sentry Skylake-U
HP Chromebook x360 11 G1 EE snappy Apollo Lake
Lenovo Thinkpad X131e Chromebook stout Ivy Bridge
Lenovo ThinkCentre Chromebox tidus Broadwell
Dell Chromebox tricky Haswell
Dell Chromebook 11 wolf Haswell
Acer Chromebook 15 (CB5-571) yuna Broadwell
HP Chromebox CB1-(000-099)
HP Chromebox G1
HP Chromebox for Meetings		 zako Haswell

The following list covers affected devices that are End-of-Life as of Chrome OS 65:

Marketing name Public codename Platform
HP Pavilion Chromebook 14 butterfly Sandy Bridge
Samsung Chromebook Series 5 550 lumpy Sandy Bridge
Acer C7 Chromebook parrot Sandy Bridge / Ivy Bridge
Samsung Chromebox Series 3 stumpy Sandy Bridge

Comments