[ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Arman Khalatyan
arm2arm at gmail.com
Thu Jan 11 15:49:52 UTC 2018
if you have recent supermicro you dont need to update the bios,
Some tests:
Crack test:
https://github.com/IAIK/meltdown
Check test:
https://github.com/speed47/spectre-meltdown-checker
the intel microcodes you can find here:
https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File?product=41447
good luck.
Arman.
On Thu, Jan 11, 2018 at 4:32 PM, Derek Atkins <derek at ihtfp.com> wrote:
> Hi,
>
> On Thu, January 11, 2018 9:53 am, Yaniv Kaul wrote:
>
>> No one likes downtime but I suspect this is one of those serious
>> vulnerabilities that you really really must be protected against.
>> That being said, before planning downtime, check your HW vendor for
>> firmware or Intel for microcode for the host first.
>> Without it, there's not a lot of protection anyway.
>> Note that there are 4 steps you need to take to be fully protected: CPU,
>> hypervisor, guests and guest CPU type - plan ahead!
>> Y.
>
> Is there a HOW-To written up somewhere on this? ;)
>
> I built the hardware from scratch myself, so I can't go off to Dell or
> someone for this. So which do I need, motherboard firmware or Intel
> microcode? I suppose I need to go to the motherboard manufacturer
> (Supermicro) to look for updated firmware? Do I also need to look at
> Intel? Is this either-or or a "both" situation? Of course I have no idea
> how to reflash new firmware onto this motherboard -- I don't have DOS.
>
> As you can see, planning I can do. Execution is more challenging ;)
>
> Thanks!
>
>>> > Y.
>
> -derek
>
> --
> Derek Atkins 617-623-3745
> derek at ihtfp.com www.ihtfp.com
> Computer and Internet Security Consultant
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list