CloudLinux - CloudLinux Blog - MDS: We’re on the case
CloudLinux OS Blog

By accepting you will be accessing a service provided by a third-party external to https://www.cloudlinux.com/

MDS: We’re on the case

mds2

You may have heard the news about the latest Intel CPU vulnerability, MDS, or more popularly, Zombieload. We have too, and we're working on releases for CloudLinux OS 6 & 7. We'll release them to Beta today, Stable tomorrow.

The vulnerability is similar to Meltdown and Spectre, in that it involves the exploitation of speculative execution features in Intel CPUs, specifically using a technique known as Microarchitectural Data Sampling. It affects Intel Xeon and Core CPUs going back to 2011, but was only discovered recently.

Follow our blog to get all the instructions on how to apply the latest updates against this vulnerability. More information related MDS you can find in the latest blog post from KernelCare team

Beta: СloudLinux 7 and CloudLinux 6 Hybrid kernel ...
WHMCS plugin version 1.3.5 is here
 

Комментарии 16

You should install latest patched kernel 3.10.0-962.3.2.lve1.5.25.8
https://www.cloudlinux.com/cloudlinux-os-blog/entry/cloudlinux-7-and-cloudlinux-6-hybrid-kernel-is-available-with-a-fix-for-mds-vulnerability
This checker /sys/devices/system/cpu/vulnerabilities/mds will be exist

You should install latest patched kernel 3.10.0-962.3.2.lve1.5.25.8 https://www.cloudlinux.com/cloudlinux-os-blog/entry/cloudlinux-7-and-cloudlinux-6-hybrid-kernel-is-available-with-a-fix-for-mds-vulnerability This checker /sys/devices/system/cpu/vulnerabilities/mds will be exist

Hello, Jeff.
Could you provide full CPU id string to check an update?
Thanks in advance!

Hello, Jeff. Could you provide full CPU id string to check an update? Thanks in advance!

Hello

After last kernel installed and running : cat /sys/devices/system/cpu/vulnerabilities/mds

I get : Mitigation: Clear CPU buffers; SMT vulnerable

what it means? apparently is still vulnerable?

Thanks

Hello After last kernel installed and running : cat /sys/devices/system/cpu/vulnerabilities/mds I get : Mitigation: Clear CPU buffers; SMT vulnerable what it means? apparently is still vulnerable? Thanks

Hello Fabian,

To fully mitigate MDS, you have to disable SMT (hyperthreading). This message means that you haven't disabled SMT/hyperthreading yet.

Hello Fabian, To fully mitigate MDS, you have to disable SMT (hyperthreading). This message means that you haven't disabled SMT/hyperthreading yet.

Thanks Igor!

Any simple tutorial to disable hyperthreading? it can affect the server perofrmance?

I see this tutorial .. https://www.golinuxhub.com/2018/01/how-to-disable-or-enable-hyper.html
It can be done in Centos 7 with CL 7 ?

Thanks
Fabian

Thanks Igor! Any simple tutorial to disable hyperthreading? it can affect the server perofrmance? I see this tutorial .. https://www.golinuxhub.com/2018/01/how-to-disable-or-enable-hyper.html It can be done in Centos 7 with CL 7 ? Thanks Fabian

Hello Fabian.
We described the performance impact and how to disable HT in the article https://www.cloudlinux.com/cloudlinux-os-blog/entry/let-us-subject-mds-vulnerability-to-the-glare-of-truth-1
You can find there much useful information about your question.

Hello Fabian. We described the performance impact and how to disable HT in the article https://www.cloudlinux.com/cloudlinux-os-blog/entry/let-us-subject-mds-vulnerability-to-the-glare-of-truth-1 You can find there much useful information about your question.
Уже зарегистрированны? Войти на сайт
Guest
12.07.2020

Изображение капчи