Meltdown and Spectre Vulnerabilities

Wednesday, 3rd Jan 2018, Google Project Zero announced the discovery of the Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715) processor vulnerabilities.

We have determined that these vulnerabilities will impact the following CaféX products shipped as an OVA image:

  • Supervisor Assist, all versions.

CaféX is actively patching Supervisor Assist to mitigate all vulnerabilities and should release a patched version by the end of Jan 2018.

In the meantime customers are able to patch the OS and hypervisor themselves as follows:

OS 

yum update kernel microcode_ctl linux-firmware

hypervisor

As per hypervisor vendor instructions.

NOTE - please remember to reboot your VM once the updates are complete.

If you require further information please contact support@cafex.com.

 
Have more questions? Submit a request

Comments

Powered by Zendesk