Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Support for security such as Firewalls and securing linux
pradeep8985
Posts: 26
Joined: 2015/07/14 05:14:32

Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by pradeep8985 » 2018/01/06 11:40:53

Is there any patches released for the Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715. I just want to update only the patches for the fixes. Can you provide the patch details here pls.


User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by TrevorH » 2018/01/06 14:26:18

I just want to update only the patches for the fixes.
Please don't get into the habit of doing that as it will end up with an unmaintained and badly patched system. The patches we release are only tested with all previous patches applied. Do not cherry pick which things you put on and which you do not.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by hunter86_bg » 2018/01/06 19:13:45

Also , keep in mind that kernel live patching won't do the trick for these 2.

mtaa
Posts: 8
Joined: 2011/09/18 21:37:33

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by mtaa » 2018/01/07 03:33:07

Hi,

on centos 7 server,

when uname -r shows 3.10.0-693.11.6.el7.x86_64,

is it the newest safe kernel version ?


thanks

mghe
Posts: 766
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by mghe » 2018/01/07 13:50:12

mtaa wrote:Hi,

on centos 7 server,

when uname -r shows 3.10.0-693.11.6.el7.x86_64,

is it the newest safe kernel version ?


thanks
yes,

User avatar
peopleinside
Posts: 67
Joined: 2013/11/13 10:41:22

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by peopleinside » 2018/01/09 09:55:35

The security issue should be fixed by the host and also is suggested to update Centos 7 ?
The fix on Centos 7 has already be released?

Thanks for the help.

efowel
Posts: 1
Joined: 2018/01/09 10:35:15

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by efowel » 2018/01/09 10:41:23

Hi All,

Is there an official statement/documentation that 3.10.0-693.11.6.el7.x86_64 is NOT VULNERABLE from Meltdown and Spectre?

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by avij » 2018/01/09 11:51:07

Replying to the above two messages: Please read https://access.redhat.com/errata/RHSA-2018:0007 (both tabs) to learn that kernel-3.10.0-693.11.6.el7 fixes these issues. This kernel has already been released for CentOS 7.

invis1988
Posts: 2
Joined: 2018/01/09 15:11:23

Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Post by invis1988 » 2018/01/09 15:32:45

Having trouble installing updates, I use a custom repo that rsyncs from uwaterloo mirror. When using yum update it reports there are no available updates, but the package for the new kernel exists. Tried copying the uwaterloo repodata, then recreating my own after that failed. Is this kernel required to use manually installation of rpm?

Post Reply