Show all projects
Corporate Websites1
Dedicated Cloud18
Dedicated Server4

Dedicated Server

Meltdown / Spectre

Created: Jan 06, 2018 14:57
Closed: Feb 25, 2019 12:28

CLOSED - Maintenance

Regarding the different CVE publicized
- CVE-2017-5715 (branch target injection – Spectre)
- CVE-2017-5753 (bounds check bypass – Spectre)
- CVE-2017-5754 (rogue data cache load – Meltdown)
On Dedicated Servers, customer operations ARE REQUIRED in order to mitigate the Meltdown flaw.
Your system need to be updated:
If you are running an OVH Kernel, you can simply enable the 'Netboot' feature and reboot your system (
Spectre flaws mitigation is not available for the moment.
Our teams are working on the deployment of an Intel microcode (during the system boot and/or EFI). This microcode would require kernel counter-measures (understand patch/update) to fully mitigate against Variant 2 / CVE-2017-5715 (
Regarding OVH kernels, there are two updated versions available, which both mitigate the "Meltdown" as well as the "Spectre Variant 2" vulnerabilities. Currently available are the versions 4.9.77 (stable/production) and 4.14.14 (testing). The 4.9 version is used for standard netboot and reinstallations if no other kernel is chosen. Those kernels have been compiled with a retpoline-enabled GCC version 7.2, and are bundled with the latest (reference version v224) CPU microcodes obtained from Intel. Those bzImages are updated regularly to reflect the latest findings and published best-practices. Microcodes for CPUs from AMD will be added when available. If you want to update an existing installation using those kernels, you can either: - boot the kernel directly from network as described in, or - install the OVH kernel on your disk in the /boot directory and adapting your bootloader's config ("update-grub" on Debian/Ubuntu or "grub2-mkconfig" on RHEL/CentOS/Fedora/SuSE and others) after downloading the corresponding files from or respectively.
Jan 23, 2018 14:29 by OVH
The OVH bzImage versions have been adapted to 4.9.78 and 4.14.15, respectively.
Jan 24, 2018 17:19 by OVH