Spectre flaws mitigation is not available for the moment.
Our teams are working on the deployment of an Intel microcode (during the system boot and/or EFI). This microcode would require kernel counter-measures (understand patch/update) to fully mitigate against Variant 2 / CVE-2017-5715 (https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr).
Update(s):
Date: 2018-01-24 16:19:07 UTC The OVH bzImage versions have been adapted to 4.9.78 and 4.14.15, respectively.
Date: 2018-01-23 13:29:20 UTC Regarding OVH kernels, there are two updated versions available, which both mitigate the \"Meltdown\" as well as the \"Spectre Variant 2\" vulnerabilities.
Currently available are the versions 4.9.77 (stable/production) and 4.14.14 (testing). The 4.9 version is used for standard netboot and reinstallations if no other kernel is chosen.
Those kernels have been compiled with a retpoline-enabled GCC version 7.2, and are bundled with the latest (reference version v224) CPU microcodes obtained from Intel.
Those bzImages are updated regularly to reflect the latest findings and published best-practices. Microcodes for CPUs from AMD will be added when available.