Applied latest microcode_ctl-1.17-25.6.el6_9.x86_64 to the kernel and rebooted.

These microcodes enable protection against the following vulnerabilities:

  • CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
  • CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
  • CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'

Although there has been much speculation as to the solution for the Spectre and Meltdown vulnerabilities having a significant impact on some server speeds, we have seen no indication of this since deployment.

Saturday, May 19, 2018

« Back