Per our last post, we wanted to provide a brief follow up on the status of the Meltdown mitigation at Linode. We are happy to announce that we have successfully mitigated Meltdown across our entire KVM fleet. There are a small number of Xen Linodes that will be migrated to KVM over the coming weeks. We’ll reach out to these customers shortly in order to let them know about their migration window.
We strongly felt and still feel that taking steps to mitigate known vulnerabilities sooner rather than later was the appropriate course of action. We want to ensure that our customers are always safe and secure rather than wait for uncertain mitigations to come to market in the future without a firm timeline.
We are now evaluating mitigation opportunities for the two known Spectre variants. This will be done via a number of channels – kernel updates, microcode updates, a cloud hosting industry best practice sharing community, and others. We anticipate this will take a few additional weeks of investigation and thorough testing. Once a Spectre mitigation is established, we will publish another blog post outlining our plan to address it.
Update: February 8, 2018
As a reminder, all of our KVM hosts are now properly mitigated for Meltdown. We are continuing to work towards a proper mitigation for the Spectre vulnerability and will be providing an updated plan on our blog once one is available.
For more information on these vulnerabilities, the status of our fleet, and how to protect your Linode; please refer to the Meltdown & Spectre guide.
Can we have a time frame for Phase 2 maintenance?
It’s more than 10 days w/o update on this topic.
We don’t have anything to announce just yet but we’ll be sure to provide you with advance notice before any future maintenance to mitigate these vulnerabilities.
Awesome, this is great news. Linode always provides great value and I can see it’s only getting better.