Meltdown and Spectre
Re: Meltdown and Spectre
Me too, like mace07, I have a CentOS (v. 6.9) with Kernel 2.6.32-042stab120.16 .
It's a VPS so that "stab" could be due to that.
What I know is that the Virtualization system is Virtuozzo and the Web Server is managed through Plesk 17.5.3 Update #35
Also I can not find recent updates with Yum Update
It's a VPS so that "stab" could be due to that.
What I know is that the Virtualization system is Virtuozzo and the Web Server is managed through Plesk 17.5.3 Update #35
Also I can not find recent updates with Yum Update
Re: Meltdown and Spectre
Your system is not CentOS, it's an openvz container and the kernel is not managed by you, it's controlled by the host system on which you are running. To update the kernel you need to talk to the hoster who controls the host machine.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Meltdown and Spectre
Thanks TrevorHTrevorH wrote:Your system is not CentOS, it's an openvz container and the kernel is not managed by you, it's controlled by the host system on which you are running. To update the kernel you need to talk to the hoster who controls the host machine.
I opened a ticket with my Hosting to know the kernel update and also the explanations on the Operating System, since in my panel it shows me "CentOS 6.9 (Final)"
Re: Meltdown and Spectre
Hi,
on my centos 6 server,
when uname -r shows 2.6.32-696.18.7.el6.x86_64 ,
does it mean i had apply the newest safe kernel ?
thanks
on my centos 6 server,
when uname -r shows 2.6.32-696.18.7.el6.x86_64 ,
does it mean i had apply the newest safe kernel ?
thanks
Re: Meltdown and Spectre
As you can see in the first post, or here ( https://lists.centos.org/pipermail/cent ... 22701.html ), you are running the latest released kernel for your CentOS version (kernel-2.6.32-696.18.7.el6.x86_64), so you are protected from Meltdown and Spectre.mtaa wrote:Hi,
on my centos 6 server,
when uname -r shows 2.6.32-696.18.7.el6.x86_64 ,
does it mean i had apply the newest safe kernel ?
thanks
Re: Meltdown and Spectre
Thanks for making the fix available.
Will CentOS upgrade the kernel, xen and libvirt under xen4centos to have the fix?
Regards,
Tom
Will CentOS upgrade the kernel, xen and libvirt under xen4centos to have the fix?
Regards,
Tom
Re: Meltdown and Spectre
Seems like you are using OpenVZ VPS. in this case, the Host has to be patched.mace07 wrote:I'm a little confused - I'm running Centos 6 and my kernel version is 2.6.32-042stab120.16. But all the references to the meltdown kernel fix say the new kernel version is kernel-2.6.32-696. I guess i must be using an old kernel, but how do I update to make sure my kernel is protected? Yum says no packages marked for update.
Thanks
-
- Posts: 1
- Joined: 2018/01/09 13:08:51
Re: Meltdown and Spectre
To verify the spectre/meltdown vulnerability:
1. Download this script.
https://prnt.sc/hy14be
1. Download this script.
2. Run it.
3. Results will be like as enclosed if system is still has the vulnerability and not patched.chmod 755 /tmp/spectre-meltdown-checker.sh && sh /tmp/spectre-meltdown-checker.sh
https://prnt.sc/hy14be
Re: Meltdown and Spectre
Hello,
I am running a custom patch server which syncs to uwaterloo mirror. The update package was downloaded and is contained in the repo. Just incase my script failed I manually ran createrepo --update to make sure it 5is recognized. When using uname -r I still have 5.2, and when I run yum update it states "no packages marked for update". Just wondering if there is another way I am supposed to update the kernel in this case, if not I will continue to troubleshoot my repo..
Thanks
I am running a custom patch server which syncs to uwaterloo mirror. The update package was downloaded and is contained in the repo. Just incase my script failed I manually ran createrepo --update to make sure it 5is recognized. When using uname -r I still have 5.2, and when I run yum update it states "no packages marked for update". Just wondering if there is another way I am supposed to update the kernel in this case, if not I will continue to troubleshoot my repo..
Thanks
-
- Posts: 2
- Joined: 2018/01/09 15:48:23
Re: Meltdown and Spectre
I just applied the update. My kernel version is 3.10.0-693.11.6.el7.x86_64 now.
I then proceeded testing with the following code: https://gist.github.com/Badel2/ba8826e6 ... d098d98d27
I was expecting the code to stop working, since it refers to specter (CVE-2017-5753), which is supposed to be fixed by this security update.
Am I testing the wrong problem here?
I then proceeded testing with the following code: https://gist.github.com/Badel2/ba8826e6 ... d098d98d27
I was expecting the code to stop working, since it refers to specter (CVE-2017-5753), which is supposed to be fixed by this security update.
Am I testing the wrong problem here?