EcoStruxure IT forum
Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz
Link copied. Please paste this link to share this article on your social media post.
Posted: 2020-07-04 03:38 AM . Last Modified: 2 weeks ago
You can patch CentOS v7 for Spectre and the Meltdown cyber security threats yourself if you have administrator access to the system.
First, check ssh to your system and try this command:
This is the system's kernel version. Take note of it.
Now, let's update CentOS to latest packages:
$ sudo yum updateDepending on your version of CentOS you may get different size of download. Mine was 294Mb. After accepting the download you may have to wait for packages to install.
When package update is complete, you should reboot your system:
After reboot you can check kernel version again
$ uname -r 3.10.0-693.11.6.el7.x86_64Version should be 3.10.0-693.11... or later.
You could also check kernel changelog, to see if it has entries about CVE-2017-5753
$ rpm -q --changelog kernel | egrep 'CVE-2017-5753' - [misc] locking/barriers: prevent speculative execution based on Coverity scan results (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [fs] udf: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [fs] prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [kernel] userns: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [scsi] qla2xxx: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [netdrv] p54: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [netdrv] carl9170: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [media] uvcvideo: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [x86] cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [x86] cpu/AMD: Make the LFENCE instruction serialized (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753} - [misc] locking/barriers: introduce new memory barrier gmb() (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}If your system was not patched, there are nothing in changelog about 'CVE-2017-5753'
This worked for me.
(CID:128062253)
Link copied. Please paste this link to share this article on your social media post.
Link copied. Please paste this link to share this article on your social media post.
Posted: 2020-07-04 03:38 AM . Last Modified: 2023-10-22 02:35 AM
This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.
Link copied. Please paste this link to share this article on your social media post.
Create your free account or log in to subscribe to the forum - and gain access to more than 10,000+ support articles along with insights from experts and peers.