rssLink RSS for all categories
 
icon_red
icon_green
icon_blue
icon_red
icon_red
icon_green
icon_green
icon_orange
icon_green
icon_red
icon_red
icon_green
icon_green
icon_red
icon_orange
icon_red
icon_green
icon_green
icon_red
icon_red
icon_green
icon_green
icon_green
icon_blue
icon_orange
icon_green
icon_green
icon_green
icon_blue
icon_orange
icon_red
 

FS#29258 — Meltdown / Spectre

Attached to Project— Serveurs dédiés
Maintenance
ALL
In progress
0%
Regarding the different CVE publicized
- CVE-2017-5715 (branch target injection – Spectre)
- CVE-2017-5753 (bounds check bypass – Spectre)
- CVE-2017-5754 (rogue data cache load – Meltdown)

On Dedicated Servers, customer operations ARE REQUIRED in order to mitigate the Meltdown flaw.
Your system need to be updated: http://travaux.ovh.net/?do=details&id=29257.
If you are running an OVH Kernel, you can simply enable the 'Netboot' feature and reboot your system (https://docs.ovh.com/gb/en/dedicated/kernel-netboot/#boot-from-network-mode)

Spectre flaws mitigation is not available for the moment.
Our teams are working on the deployment of an Intel microcode (during the system boot and/or EFI). This microcode would require kernel counter-measures (understand patch/update) to fully mitigate against Variant 2 / CVE-2017-5715 (https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr).