MDS - CloudLinux Blog
Tags
mds3
Tags:

Let us subject MDS vulnerability to the glare of truth

mds3
Ok, let me throw a little light on the last release of the CloudLinux 7 and CloudLinux 6 kernel with the MDS vulnerability patch. MDS vulnerability explanation In the last three days, we’ve received a whole bunch of questions like Should I disable Hyper-Threading or not? and How Hyper-Threading disabling can impact performance? So, here we ar...
Continue reading
Recent Comments
Ivan Zhmud
Hello, Jeff! The table above should the same as the Intel's table in pdf. Just in our table is used classic cpuid and in PDF is us... Read More
Friday, 24 May 2019 21:35
Inessa Atmachian
Hi Jeff, We are sorry, but we are still investigating the problem. We will keep you with updates in this blog post.... Read More
Monday, 27 May 2019 15:35
Ivan Zhmud
Hello Jeff, we've released the new kernel with fixed checker which should show the correct status. You can find details here https... Read More
Thursday, 30 May 2019 14:01
  3781 Hits
  5 Comments
MDS-fixed

CloudLinux 6 kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.64 with a fix for MDS vulnerability is now available for download from our production repository. Changelog: CKSIX-218: x86 MDS mitigations:: CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling; CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling; CVE-2018-12127 MLPDS Mi...
Continue reading
Recent Comments
Inessa Atmachian
Hello Deyan, Frankly speaking, we missed the microcode_ctl in our update command. Sorry for that — MDS vulnerability made too muc... Read More
Tuesday, 21 May 2019 08:54
  4755 Hits
  2 Comments
MDS-fixed

СloudLinux 7 and CloudLinux 6 Hybrid kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.25.8 with a fix for MDS vulnerability is now available for download from our production repository. Changelog: 1.5.25.7 CLKRN-446: backport 3.18 stable fixes to CloudLinux 7; CLKRN-417: enable KABI check; CLKRN-424: IOPS limits support for the noop IO scheduler; CLKRN-421: fi...
Continue reading
Recent Comments
Ivan Zhmud
Laoubi Mohamed hello! More information related KernelCare updating you can find in the latest blog post of KC team here https://... Read More
Saturday, 18 May 2019 11:01
Ivan Zhmud
Hello AC! After updating you kernel it's not necessary but recommended. CPU bug allows to read data between CPU threads. Therefor... Read More
Saturday, 18 May 2019 11:17
Inessa Atmachian
Hi Snek, Most likely you have a kernel version less than 3.10.0-962.3.2.lve1.5.25.8.el7 because it is in this version the checker... Read More
Tuesday, 21 May 2019 08:37
  2544 Hits
  8 Comments
MDS-fixed

Beta: CloudLinux 6 kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.64 with a fix for MDS vulnerability is now available for download from our updates-testing repository. Changelog: CKSIX-218: x86 MDS mitigations: CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling; CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling; CVE-2018-12127 MLPD...
Continue reading
  2319 Hits
  2 Comments
MDS-fixed

Beta: СloudLinux 7 and CloudLinux 6 Hybrid kernel is available with a fix for MDS vulnerability

MDS-fixed
CloudLinux 7 and CloudLinux 6 Hybrid kernel version 3.10.0-962.3.2.lve1.5.25.8 with a fix for MDS vulnerability is now available for download from our updates-testing repository. Changelog: CLKRN-457: fix KABI breakage; CLKRN-458: x86 MDS mitigations: CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling; CVE-2018-12130 MFBDS Microarch...
Continue reading
  2228 Hits
  0 Comments
mds2

MDS: We’re on the case

mds2
You may have heard the news about the latest Intel CPU vulnerability, MDS , or more popularly, Zombieload . We have too, and we're working on releases for CloudLinux OS 6 & 7. We'll release them to Beta today, Stable tomorrow. The vulnerability is similar to Meltdown and Spectre, in that it involves the exploitation of speculative execution fea...
Continue reading
Recent Comments
Kateryna Obiidykhata
Hello Jonathan, the patches will be delivered as regular kernel update in beta version, today. Regarding the KernelCare patches f... Read More
Wednesday, 15 May 2019 17:39
Eric
Hope this doesn't include another performance hit. At this rate, we'll need supercomputers to keep up with overhead of these patch... Read More
Wednesday, 15 May 2019 19:26
Inessa Atmachian
Hi Eric, We do not have reports about performance hit. Regarding vulnerability estimation, you can check /sys/devices/system/cpu... Read More
Thursday, 16 May 2019 13:28
  4619 Hits
  16 Comments