Oracle Linux

Shown are the latest kernel versions as of the 9th of January which have Meltdown and Spectre patches.

Kernel versions can be found when running the `uname -r` command.

After the kernel is installed one can find the kernel/packages changelog and security info with the following commands and see in the page table isolation has been activated:

# yum updateinfo list
# yum updateinfo list cves
# yum updateinfo list kernel-uek
# yum updateinfo list --sec-severity=Important
# yum updateinfo info --sec-severity=Important
CVE-2017-1000407 Important/Sec. kernel-uek-4.1.12-112.14.13.el7uek.x86_64

# dmesg | grep isolation
[ 0.000000] Kernel/User page tables isolation: enabled

# rpm -q --changelog kernel | egrep 'CVE-2017-5715|CVE-2017-5753|CVE-2017-5754'
# rpm -q --changelog kernel-uek | egrep 'CVE-2017-5715|CVE-2017-5753|CVE-2017-5754'

Oracle Linux version 6

Kernel: 2.6.32-696.18.7 (errata: ELSA-2018-0008), 2018-01-04.

Kernel-uek: 4.1.12-112.14.10 (errata: ELSA-2018-4006), 2018-01-09.

Oracle Linux version 7

Kernel: 3.10.0-693.11.6 (errata: ELSA-2018-0007), 2018-01-04.

Kernel-uek: 4.1.12-112.14.10 (errata: ELSA-2018-4006), 2018-01-04.

Oracle VM version 3.4

Xen: 4.4.4-155.0.12.el6 (errata: OVMSA-2018-0006), 2018-01-08.

Unbreakable Linux Network CVE repository

Next links are to the Meltdown and Spectre descriptions described in the Oracle Linux CVE repository.

Meltdown (CVE-2017-5754)

https://linux.oracle.com/cve/CVE-2017-5754.html

Spectre (CVE-2017-5715 / CVE-2017-5753)

https://linux.oracle.com/cve/CVE-2017-5715.html

https://linux.oracle.com/cve/CVE-2017-5753.html

Critical Patch Updates, Security Alerts and Bulletins

https://www.oracle.com/technetwork/topics/security/alerts-086861.html

I don’t have any information or data on performance impact yet…