After rumors began circulating and initial details were leaked, security researchers officially disclosed details surrounding two critical vulnerabilities affecting Intel and AMD processors.
Meltdown and Spectre are two critical vulnerabilities affecting Intel and AMD processors. They are hardware bugs who can allow malicious programs to steal data from the memory of other programs and potentially putting a large variety of sensitive information such as stored passwords, crypto-keys, and files at risk.
Following the announcement of thoses vulnerabilities, we have installed the latest stable version of the Jessie Kernel. After strong testing in real environment, our conclusions are the following:
- MailCleaner kernel is not vulnerable to Meltdown with the last kernel
- MailCleaner is still vulnerable to all variants of Spectre but our investigations do not show any way to exploit this vulnerability from outside the product.
- We can not see any increase of the load of MailCleaner servers using this last version of the kernel in comparison of oldest one.
Note that MailCleaner can not comment on the influence of the patching on all other levels (processors, virtualization layer,…).
Only MailCleaner servers in 2017.09 and upper can benefit of this patch. New installations and upgrade from 2016.10 to 2017.09 starting from today will automatically be patched.
To apply the patch on 2017.09 installed before today, you can apply this kernel upgrade with classic apt commands.
Please do not hesitate to visit our forum if you require further information.