In this post, we want to ensure that customers are fully protected in the face of the recently disclosed CPU vulnerabilities. There is no change required to any version of PX and no need to update PX. However, customers should install the latest fixes from the Operating System distributions as patches are made available.
The Meltdown and Spectre attack are described fully at https://meltdownattack.com/, from the Google Project Zero team’s post, and in the following three CVE (Common Vulnerability and Exposure) issues:
The Portworx container is a Linux OCI container and there are no changes required to the Portworx container itself. Our teams are verifying performance impact and will keep customers and users aware of any impact. Given the severity, we do recommend customers install fixes from the Linux distribution as they are made available.
If customers require any additional assistance or have questions, please reach out to us including through our sales engineers, support channels, and on Slack.
Fixes and patches are being released by Linux distributions, including: