Initial Fallout Spectre/Meltdown

 

End of business Friday 5h January - the state of Kernels looked a little like this with a quick eyeball of Kernel Versions, update, check, reboot:

CentOS7 - 3.10.0-693.11.6.el7

CloudLinux7 - 3.10.0-714.10.2.lve1.4.79.el7

With the latter, this having moved from beta to release.

For CentOS6 the pattern was a very different one - with CentOS going live with their kernel, however, CloudLinux pulling theirs - or rather leaving it in Beta for testing, and advising it was not used on enterprise platforms... awaiting a release later, over the weekend.

CentOS6 -

CloudLinux6* - 2.6.32-773.26.1.lve1.4.48.el6  -- unstable / will not boot.

Debian and Ubuntu and all their kind had not issued a new Kernel. The reason for this was simple enough - while the issue was released under non-disclosure agreement on the 9th November, it was not due to emerge from the embargo until Tuesday 9th January. This remained their release cycle.

My understanding is thus:

MELTDOWN - Kernel patch - done;

SPECTRE - has two parts:

Part One - patched through updates to microcode (CPU firmware);

Part Two - only a change of architecture will resolve this, however, the compromise is sufficiently difficult that you are already having a bad day to get there.

...  you may wish to check this with a grown up.

 

[update Sunday 7th January]

*CloudLinux - who to be fair have been fabulous in communication and honesty - have pushed the six kernel from beta to live overnight.

CloudLinux6 - 2.6.32-896.16.1.lve1.4.49

So this has now been resolved.

 

Leave a Reply

Your email address will not be published. Required fields are marked *