Page 1 of 1

Spectre and meltdown patches

Posted: 2018/05/15 04:03:28
by timcenty
Hi,

Does anyone know a link where one can find the proper patches and info for Centos 7x to mitigate the Spectre and Meltdown vulns?
Also looking for info if we want to roll back the changes.

Thanks

Re: Spectre and meltdown patches

Posted: 2018/05/15 06:40:55
by TrevorH
Meltdown/spectre fixes were first included in the CentOS 7 kernel as of kernel-3.10.0-693.11.6.el7.x86_64 and are in all subsequent kernels up to the latest which is currently kernel-3.10.0-862.2.3.el7.x86_64

See https://access.redhat.com/security/vuln ... eexecution for details and https://www.redhat.com/en/blog/what-are ... -need-know for an overview of the problems. Kernel/libvirt/qemu-kvm updates are now released, run `yum update`. New microcode MUST be downloaded from hardware vendors though this is not necessarily recommended.

Re: Spectre and meltdown patches

Posted: 2018/05/17 03:35:46
by timcenty
Thank you! It looks like the guests running CentOS will have to be patched as well.

Re: Spectre and meltdown patches

Posted: 2018/05/29 11:40:27
by sanjeevcentos
My Centos (HP-DL360G9) 7.3 has Kernel version as 3.10.0-514.6.2.el7.x86_64.
Can you please suggest Spectre and Meltdown patches for this Kernel?
Please do share the official links to download the patches..

Thanks!

Re: Spectre and meltdown patches

Posted: 2018/05/29 11:56:07
by TrevorH
7.3 is unsupported and will never get any more updates. You need to yum update to 7.5 to get current and get all available fixes. The current latest kernel is 3.10.0-862.3.2.el7. You are about 18 months out of date.