Meltdown and Spectre are two new side-channel attacks that exploit newly discovered vulnerabilities affecting a number of CPUs and crippling operations. These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.
Debian was impacted by these vulnerabilities, and this in turn impacts all the supported versions of Rovius CP, i.e. 4.5, 4.5.1, 4.7, 4.7.1 and 4.11.
Following are the vulnerabilities for Meltdown:
This is the official reference to Meltdown. Common Vulnerabilities and Exposures (CVE) is the Standard for Information Security Vulnerability Names maintained by MITRE.
Debian has fixed the Meltdown vulnerability CVE-2017-5754. Accelerite has incorporated the fix from Debian in the SystemVM Templates and released new SystemVM Templates.
Click Here for the details of the new SystemVM Templates, install scripts, and installation instructions.
Red Hat and CentOS are among the impacted Management Server OSs. For details, refer to https://access.redhat.com/security/vulnerabilities/speculativeexecution.
In addition, various hypervisors supported by Rovius CP were also impacted. Please check with the respective hypervisor vendors for the current status of the fixes for these vulnerabilities.
- Citrix XenServer: https://support.citrix.com/article/ctx231390
- VMware: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
- Hyper-V: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
- KVM: https://www.qemu.org/2018/01/04/spectre/
Debian is yet to fix the Spectre vulnerability. This is being tracked by the following:
These are the official references to Spectre. CVE is the Standard for Information Security Vulnerability Names maintained by MITRE.
Accelerite shall incorporate the Spectre fix from Debian in the SystemVM Templates and release new SystemVM Templates as and when the fix is available from Debian.
We aim to keep posting updates here to provide the best protection for all our customers. Please watch this space.
If you have any more questions, please write to us at email@example.com