Spectre and meltdown patches

Support for security such as Firewalls and securing linux
timcenty
Posts: 8
Joined: 2018/04/10 16:25:21

Spectre and meltdown patches

Postby timcenty » 2018/05/15 04:03:28

Hi,

Does anyone know a link where one can find the proper patches and info for Centos 7x to mitigate the Spectre and Meltdown vulns?
Also looking for info if we want to roll back the changes.

Thanks

User avatar
TrevorH
Forum Moderator
Posts: 22590
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Spectre and meltdown patches

Postby TrevorH » 2018/05/15 06:40:55

Meltdown/spectre fixes were first included in the CentOS 7 kernel as of kernel-3.10.0-693.11.6.el7.x86_64 and are in all subsequent kernels up to the latest which is currently kernel-3.10.0-862.2.3.el7.x86_64

See https://access.redhat.com/security/vuln ... eexecution for details and https://www.redhat.com/en/blog/what-are ... -need-know for an overview of the problems. Kernel/libvirt/qemu-kvm updates are now released, run `yum update`. New microcode MUST be downloaded from hardware vendors though this is not necessarily recommended.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

timcenty
Posts: 8
Joined: 2018/04/10 16:25:21

Re: Spectre and meltdown patches

Postby timcenty » 2018/05/17 03:35:46

Thank you! It looks like the guests running CentOS will have to be patched as well.