Meltdown/Spectre

Meltdown/Spectre
0

Indeni considers this vulnerability as a low severity issue due to the fact that all Indeni servers are located behind firewalls that are meant to prevent access to them by hackers. However, it's best practice to patch your system regardless of where the Indeni system resides.


6.0 PATCH INSTRUCTIONS


1. Indeni 6.0 needs to be patched using "sudo apt-get update; sudo apt-get upgrade"

2. When it asks to update the sudoer setting, select the default "N" option and continue.


The patch details can be found at:

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

https://usn.ubuntu.com/usn/usn-3522-2/


Please Note: There have been reports that kernel image 4.4.0-108 will cause Ubuntu to no longer load, but has been resolved on 4.4.0-109. We are currently testing this, so do not update your indeni server until we confirm continued functionality on the latest kernel image. Feel free to follow this post to get regular updates on where Indeni stands on the issue and when we announce that it is safe to update the system.


5.5 PATCH INSTRUCTIONS


A patch for indeni 5.5 is available at meltdown.tgz. The update procedure is:


1. Copy the file to /tmp on the indeni server.

2. SSH into the indeni server and perform, or copy/paste the following:


# get root access

sudo -i

# extract the patch

cd /tmp

tar xzvf meltdown.tgz

# run patch

cd meltdown

./deploy-patches.sh

# Reply with "Yes" to run the patch

# stop the service after applying the patch

service indeni4it stop

# reboot from new kernel

reboot


Hi, All,


Please hold-off on updating indeni 6 servers.


The patch was released by Ubuntu 2 days ago and we wnat to let it soak in our Lab

over the weekend.

On 1/22 Intel has asked everyone to hold off on patches.


https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/