In a move that prioritizes performance over theoretical security risks, Canonical has announced it will disable certain Intel GPU security mitigations in Ubuntu 25.10.
This change, backed by Intel itself, could boost graphics and compute performance by up to 20%.
Intel initially deployed these mitigations as part of its broader response to critical CPU vulnerabilities like Spectre and Meltdown. While these CPU flaws once shook the tech world, no actual attacks have ever been reported via Intel’s integrated GPUs. Still, precautionary mitigations were enabled – at the cost of noticeable GPU performance degradation.
Canonical’s findings confirmed that these safeguards on the Intel graphics stack led to a significant hit in performance. After joint evaluation, both Intel and Canonical agreed the GPU-specific Spectre mitigations were no longer necessary. The kernel-level defenses already in place offer sufficient protection, and disabling GPU-level mitigations yields a tangible performance lift with minimal risk.
The changes will be implemented via the NEO_DISABLE_MITIGATIONS build flag and are expected to land in Ubuntu 25.10. Intel’s own builds of Compute Runtime have already dropped these mitigations, signaling a green light for other Linux distributions to follow suit.
However, some concerns linger about possible new exploit pathways. Canonical and Intel have reviewed the risks and signed off on the update, emphasizing that warning messages will still alert users running customized kernels without proper protections.
This decision marks a pivotal moment in the ongoing trade-off between airtight security and peak performance, especially for users relying on GPU compute power. While critics may raise eyebrows, developers and gamers alike are likely to welcome the performance gains – especially in an era where every frame counts.