Displaying 20 results from an estimated 4000 matches similar to: "Response to Meltdown and Spectre"
2018 Jan 18
5
Xen 4.4 Immediate EOL
Hi,
I am very sorry to do this on short notice, but obviously Meltdown and
Spectre are a lot more than anyone was really expecting to come down the
pipeline. Xen 4.4 has been EOL upstream for about a year now and I have
personally been reviewing and backporting patches based on the 4.5
versions made available upstream.
Given that 4.5 is now also reaching EOL, backporting to 4.4 will become
2018 Jan 19
1
Xen 4.4 Immediate EOL
On 01/19/2018 06:17 AM, Pasi K?rkk?inen wrote:
> On Thu, Jan 18, 2018 at 11:48:35AM -0600, Kevin Stange wrote:
>> Hi,
>>
>
> Hi,
>
>> I am very sorry to do this on short notice, but obviously Meltdown and
>> Spectre are a lot more than anyone was really expecting to come down the
>> pipeline. Xen 4.4 has been EOL upstream for about a year now and I
2018 Mar 16
2
spectre variant 2
Hi all!
I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU.
I note that when I run the redhat script to test for spectre & meltdown
I get this result for variant 2:
Variant #2 (Spectre): Vulnerable
CVE-2017-5715 - speculative execution branch target injection
- Kernel with mitigation patches: OK
- HW support / updated microcode: NO
- IBRS: Not disabled on
2018 Mar 09
4
CentOS 6 i386 - meltdown and spectre
Hi Johnny,
Thank you for your reply.
It seems to me that my message may have came around as offensive but that
was not my intend. I have basic understanding how things work and when I
said CentOS I actually meant Red Hat and all its derivatives. I asked
CentOS community because that's the community I'm member of. Not to say
that CentOS is not secure or anything like that.
Anyway,
2018 Mar 06
2
CentOS 6 i386 - meltdown and spectre
I have a clean install, fully updated CentOS 6 32-bit.
When I run the Red Hat detection script:
https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh
it finds that the system is vulnerable.
Is this false positive or there is no patches for CentOS 6 32-bit systems?
Thank you,
-- Peter
2018 Feb 19
2
Is CentOS Linux protected against the Meltdown and Spectre security flaws?
What are the patches that I can download and install to be protected
against the Meltdown and Spectre security vulnerabilities?
===BEGIN SIGNATURE===
Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017
[1] https://tdtemcerts.wordpress.com/
[2] http://tdtemcerts.blogspot.sg/
[3] https://www.scribd.com/user/270125049/Teo-En-Ming
===END SIGNATURE===
2018 Feb 12
1
Meltdown and Spectre
Does anyone know if Red Hat are working on backporting improved mitigation techniques and features from newer, 4.14.14+ kernels?
$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline
2018 Mar 09
0
CentOS 6 i386 - meltdown and spectre
I have built all the source code releases from upstream for RHEL-6
regarding meltdown /spectre and released those into packages into the
CentOS Linux 6.9 updates repository.
As to whether or not either Arch (x86_64 or i386) is or is not
vulnerable, the CentOS team does not test for or make claims concerning
security fitness. What we do build the source code that is released
upstream.
Users must
2018 Mar 09
0
CentOS 6 i386 - meltdown and spectre
On Fri, Mar 9, 2018 at 10:46 AM, Peter Wood <peterwood.sd at gmail.com> wrote:
> Anyway, I'm stuck with a few 32bit systems exposed to customers and I have
> to come up with an answer to their question about meltdown/spectre. At this
> point all I can say is that Red Hat hasn't patched 32bit systems but that
> is hard to believe so I assumed that I'm wrong and
2018 Mar 12
1
CentOS 6 i386 - meltdown and spectre
Awesome. Thank you.
Embarrassing but I can't find the Q&A page with this question. Can you
please post a link to it.
Thanks,
-- Peter
On Fri, Mar 9, 2018 at 11:16 AM, Akemi Yagi <amyagi at gmail.com> wrote:
> On Fri, Mar 9, 2018 at 10:46 AM, Peter Wood <peterwood.sd at gmail.com>
> wrote:
>
> > Anyway, I'm stuck with a few 32bit systems exposed to
2018 Jan 17
0
Effect Patches applied for Meltdown/Spectre Issues
Has anyone applied patches to gluster storage node or fuse clients in an
attempt to address Meltdown/Spectre issues? I'm curious if anyone has
noticed or expects to see a performance impact.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20180117/28573776/attachment.html>
2018 Feb 19
0
Is CentOS Linux protected against the Meltdown and Spectre security flaws?
Hi,
Depends on your centos release; 6 or 7 ? The most recent kernel are patched; have a look at the release notes, e.g.
https://www.redhat.com/archives/rhsa-announce/2018-January/msg00080.html <https://www.redhat.com/archives/rhsa-announce/2018-January/msg00080.html>
https://access.redhat.com/errata/RHSA-2018:0008 <https://access.redhat.com/errata/RHSA-2018:0008>
Regards . G?tz
2018 Jan 07
1
CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754
How about kernel-lt and kernel-ml?
Mike
On 01/04/2018 05:41 PM, Warren Young wrote:
> On Jan 4, 2018, at 12:18 PM, Walter H. <walter.h at mathemainzel.info> wrote:
>> will there be updates for these CVEs for CentOS 6?
> Red Hat hasn?t released them all yet. Quoting Christopher Robinson in the thread for this here:
>
> https://access.redhat.com/errata/RHSA-2018:0007
2018 Aug 30
1
Panic / EL6 / KVM / kernel-2.6.32-754.2.1.el6.x86_64
> >>> Does some one have problems related to KVM with
> >>> kernel-2.6.32-754.3.5.el6.x86_64 ??
> >>
> >> Yes, the exact same thing happened here, and I suspect it is related to
> >> older cpus that don't get any Spectre/Meltdown updates.
> >
> >
> > Thanks for the feedback. I' was assuming that some kind of
> >
2018 Feb 06
2
add Spectre variant 2 mitigations
On 6 February 2018 at 20:09, David Newall <openssh at davidnewall.com> wrote:
> Do we need to do anything? It's not clear to me how SSH is vulnerable to
> Spectre -- that is, how SSH can be used to execute a Spectre attack?
I am more concerned with it being the target of a Spectre style
attack. There's some long lived private data (host keys in the case
of sshd, session keys
2018 Aug 30
4
Panic / EL6 / KVM / kernel-2.6.32-754.2.1.el6.x86_64
Am 30.08.2018 um 10:54 schrieb isdtor <isdtor at gmail.com>:
>
> Leon Fauster via CentOS writes:
>> Since the update from kernel-2.6.32-754.2.1.el6.x86_64
>> to kernel-2.6.32-754.3.5.el6.x86_64 I can not boot my
>> KVM guests anymore!? The workstation panics immediately!
>>
>> I would not have expected this behavior now (last phase of OS).
>>
2018 Mar 16
0
spectre variant 2
On 16/03/18 18:24, Fred Smith wrote:
> Hi all!
>
> I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU.
>
What kernel are you running (uname -r)?
> I note that when I run the redhat script to test for spectre & meltdown
> I get this result for variant 2:
>
> Variant #2 (Spectre): Vulnerable
> CVE-2017-5715 - speculative execution branch
2018 Jan 09
3
CentOS Linux 7 (1708) AltArch i386 Kernel
Red Hat no longer maintains the i386 kernel for RHEL 7.4.? We have been
using a modified kernel until this latest meltdown / spectre? release
(*kernel-3.10.0-693.11.6.el7*).
This latest release does not build on i386/i686 and we can't figure out
how to make it work.?
Build try:
https://buildlogs.centos.org/c7.1708.u.i386/kernel/20180109171431/3.10.0-693.11.6.el7.centos.plus.i386/
SRPM:
2018 Jan 19
0
Xen 4.4 Immediate EOL
On Thu, Jan 18, 2018 at 11:48:35AM -0600, Kevin Stange wrote:
> Hi,
>
Hi,
> I am very sorry to do this on short notice, but obviously Meltdown and
> Spectre are a lot more than anyone was really expecting to come down the
> pipeline. Xen 4.4 has been EOL upstream for about a year now and I have
> personally been reviewing and backporting patches based on the 4.5
> versions
2018 Jan 17
4
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
I've built & tagged packages for CentOS 6 and 7 4.6.6-9, with XPTI
"stage 1" Meltdown mitigation.
This will allow 64-bit PV guests to run safely (with a few caveats),
but incurs a fairly significant slowdown for 64-bit PV guests on Intel
boxes (including domain 0).
If you prefer using Vixen / Comet, you can turn it off by adding
'xpti=0' to your Xen command-line.