CloudLinux - MDS - CloudLinux Blog
Blog
b2ap3_large_mds2
Теги:

Production: CloudLinux 6 kernel with the fix for the Zombieload2 is available

b2ap3_large_mds2
CloudLinux 6 kernel with the fix for the Zombieload2 vulnerabilities is now available for download from our production repository. To get ongoing information related to the Zombieload2 vulnerabilities, follow our KernelCare blog. To secure your CloudLinux 6 servers, you should proceed as we did with the previous MDS vulnerability: update microcode ...
Продолжить чтение
  2399 просмотров
  0 Комментариев
b2ap3_large_mds2
Теги:

Beta: CloudLinux 6 kernel with the fix for the Zombieload2 is available

b2ap3_large_mds2
CloudLinux 6 kernel with the fix for the Zombieload2 vulnerabilities is now available for download from our updates-testing repository. To get ongoing information related to the Zombieload2 vulnerabilities, follow our KernelCare blog. To secure your CloudLinux 6 servers, you should proceed as we did with the previous MSD vulnerability: update micro...
Продолжить чтение
  2262 просмотров
  0 Комментариев
b2ap3_large_mds2

We stopped the second Zombieload invasion

b2ap3_large_mds2
The latest set of Intel CPU vulnerabilities, called Zombieload2, has been addressed by us here at CloudLinux. Our KernelCare service has already started delivering patches for it, ensuring that your servers are protected against it. And I’m here to announce that CloudLinux 7 and CloudLinux 6 Hybrid kernel with the fix for the Zombieload2 vuln...
Продолжить чтение
  3791 просмотров
  0 Комментариев
mds3
Теги:

Let us subject MDS vulnerability to the glare of truth

mds3
Ok, let me throw a little light on the last release of the CloudLinux 7 and CloudLinux 6 kernel with the MDS vulnerability patch. MDS vulnerability explanation In the last three days, we’ve received a whole bunch of questions like Should I disable Hyper-Threading or not? and How Hyper-Threading disabling can impact performance? So, here we ar...
Продолжить чтение
Последние комментарии
Guest — Jeff
I'm confused by the microcode availability as the Intel chart doesn't match the list above. Intel's Guidance PDF shows many CPUs ... Read More
24.05.2019 20:52
Ivan Zhmud
Hello, Jeff! The table above should the same as the Intel's table in pdf. Just in our table is used classic cpuid and in PDF is us... Read More
24.05.2019 21:35
Guest — Jeff
Thanks. However, on multiple E3 and E5 cpus: Yum log shows May 16 02:23:26 Updated: 2:microcode_ctl-1.17-33.11.el6_10.x86_64 Ser... Read More
25.05.2019 19:54
  6118 просмотров
  5 Комментариев
MDS-fixed
Теги:

CloudLinux 6 kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.64 with a fix for MDS vulnerability is now available for download from our production repository. Changelog: CKSIX-218: x86 MDS mitigations::CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling;CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling;CVE-2018-12127 MLPDS Micro...
Продолжить чтение
Последние комментарии
Guest — Deyan
Hello, Can you please tell me why you do not suggest to install or upgrade microcode_ctl package with CL6 kernel, like you do wit... Read More
20.05.2019 22:56
Inessa Atmachian
Hello Deyan, Frankly speaking, we missed the microcode_ctl in our update command. Sorry for that — MDS vulnerability made too muc... Read More
21.05.2019 08:54
  6917 просмотров
  2 Комментариев
MDS-fixed

СloudLinux 7 and CloudLinux 6 Hybrid kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.25.8 with a fix for MDS vulnerability is now available for download from our production repository. Changelog: 1.5.25.7 CLKRN-446: backport 3.18 stable fixes to CloudLinux 7;CLKRN-417: enable KABI check;CLKRN-424: IOPS limits support for the noop IO scheduler;CLKRN-421: fixed...
Продолжить чтение
Последние комментарии
Guest — laoubi mohamed
hello sir does kernelcar support updating?
18.05.2019 00:39
Guest — AC
[[email protected]~]# cat /sys/devices/system/cpu/vulnerabilities/mds Mitigation: Clear CPU buffers; SMT vulnerable Do I need to disable SMT?... Read More
18.05.2019 02:40
Ivan Zhmud
Laoubi Mohamed hello! More information related KernelCare updating you can find in the latest blog post of KC team here https://... Read More
18.05.2019 11:01
  4521 просмотров
  8 Комментариев
MDS-fixed

Beta: CloudLinux 6 kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.64 with a fix for MDS vulnerability is now available for download from our updates-testing repository. Changelog: CKSIX-218: x86 MDS mitigations:CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling;CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling;CVE-2018-12127 MLPDS M...
Продолжить чтение
Последние комментарии
Guest — Tro
Do you plan to provide patches for MDS over kernelcare? Thanks
16.05.2019 09:30
Guest — Alexandre
Yes, we are working now on building the KC patches for MDS
16.05.2019 10:11
  4573 просмотров
  2 Комментариев
MDS-fixed

Beta: СloudLinux 7 and CloudLinux 6 Hybrid kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.25.8 with a fix for MDS vulnerability is now available for download from our updates-testing repository. Changelog: CLKRN-457: fix KABI breakage;CLKRN-458: x86 MDS mitigations:CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling;CVE-2018-12130 MFBDS Microarchite...
Продолжить чтение
  4286 просмотров
  0 Комментариев
mds2

MDS: We’re on the case

mds2
You may have heard the news about the latest Intel CPU vulnerability, MDS, or more popularly, Zombieload. We have too, and we're working on releases for CloudLinux OS 6 & 7. We'll release them to Beta today, Stable tomorrow. The vulnerability is similar to Meltdown and Spectre, in that it involves the exploitation of speculative execution featu...
Продолжить чтение
Последние комментарии
Guest — Jonathan
Will the patches be coming to CL kernel via kernelcare?
15.05.2019 17:24
Kateryna Obiidykhata
Hello Jonathan, the patches will be delivered as regular kernel update in beta version, today. Regarding the KernelCare patches f... Read More
15.05.2019 17:39
Eric
Hope this doesn't include another performance hit. At this rate, we'll need supercomputers to keep up with overhead of these patch... Read More
15.05.2019 19:26
  7944 просмотров
  16 Комментариев