Hetzner - DokuWiki

Spectre and Meltdown/en

Inhaltsverzeichnis

Information about the vulnerabilities

On January 3rd, 2018, several security vulnerabilities within the microarchitecture of most modern processors were published, which could have the following results:

Those vulnerabilities are now known as:

For further information on this topic, please check the following resources:

Spectre-NG

On May 21st, 2018, two more security vulnerabilities were published:

For further information on this topic, please check the following resources:

Affected Products

We are still in the process of determining all of our affected products. So far, we have been able to confirm that the following products are affected:

Current Generation

AX-Line

  • affected by Variant 1, 2 & 4:
    • AX50-SSD
    • AX60-SSD
    • AX160-NVMe
    • AX160-SSD

EX-Line

  • EX41
  • EX41-SSD
  • EX41S
  • EX41S-SSD
  • EX51
  • EX51-SSD
  • EX51-SSD-GPU
  • EX61
  • EX61-NVMe

PX-Line

  • PX61
  • PX61-SSD
  • PX61-NVMe
  • PX92

DX-Line

Announcement: http://www.dell.com/support/contents/us/en/04/article/product-support/self-support-knowledgebase/software-and-downloads/support-for-meltdown-and-spectre?lang=de

  • DX152 (R640)
  • DX292 (R640)

SX-Line

  • SX61
  • SX131
  • SX291

Managed Servers

  • MX90
  • MX90-SSD
  • MX121
  • MX120-SSD
  • MX151-SSD

Previous Generations

  • AX10 (Cortex A15 + A7)
  • AX20 (Cortex A15 + A7)
  • AX30 (Cortex A15 + A7)
  • DX141 (Dell R530)
  • DX150 (Dell R720)
  • DX151 (Dell R730)
  • DX290 (Dell R720)
  • DX291 (Dell R730)
  • EQ4
  • EQ6
  • EQ8
  • EQ9
  • EQ10
  • EX4
  • EX4S
  • EX5
  • EX6
  • EX6S
  • EX8
  • EX8S
  • EX10
  • EX40
  • EX40-SSD
  • EX40-Hybrid
  • EX60
  • MQ7
  • MQ9
  • MQ10
  • MX120
  • MX150-SSD
  • MX151
  • PX60
  • PX60-SSD
  • PX70
  • PX70-SSD
  • PX80
  • PX90
  • PX90-SSD
  • PX91
  • PX91-SSD
  • PX120
  • PX120-SSD
  • PX121
  • PX121-SSD
  • SX60
  • SX130
  • SX290
  • XS13
  • XS29

Under Review

The following products are still under review and may be added to the affected list if new information regarding the used CPUs of these models are published:

  • DS3000
  • DS5000
  • DS7000
  • DS8000
  • DS9000

Update / Upgrade Path

Hardware / BIOS / Firmware

We are working with the respective manufacturers regarding firmware updates and will provide them as soon as possible.

We will keep a list of all updates which are available here:

Firmware Updates

The Microcode updates should also be available soon via the operating system updates.

Software / Operating System

Information about upcoming patches for all of our supported operating systems can be found in their specific bug tracker:


Debian

Ubuntu

Announcement: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

RedHat / CentOS

Announcement: https://access.redhat.com/security/vulnerabilities/speculativeexecution

Archlinux

Microsoft Windows

Announcement: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

other Operating Systems

Information about upcoming patches for not officially supported operating systems:

OpenSUSE

Announcement: https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00001.html

VMware

Announcement: https://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html

Webhosting/Managed Servers

The host systems will be updated to fix the vulnerabilities as soon as possible. The necessary reboots will be announced on Hetzner Status.

Since we manage your servers for you, you do not need to take any precautions for now.

Update 2018-01-09: The Update for Meltdown has been applied

Virtual Servers (VQ/VX)

The host systems will be updated to fix the vulnerabilities as soon as possible. The necessary reboots will be announced on Hetzner Status. You may subscribe to be notified.

Since the installed operating system may still be vulnerable, you need to install the updates, which provide the fixes, as soon as possible yourself. For more information on when the OS updates will be available, please check the links above.

Virtual Servers (CX)

The host systems will be updated to fix the vulnerabilities as soon as possible. These are expected to be done without any customer downtimes.

Should reboots be necessary, they will be announced on Hetzner Status. You may subscribe to be notified.

Since the installed operating system may still be vulnerable, you need to install the updates, which provide the fixes, as soon as possible yourself. For more information on when the OS updates will be available, please check the links above.



© 2018. Hetzner Online GmbH. Alle Rechte vorbehalten.