Impact of Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715) on Veritas InfoScale, Storage Foundation High Availability (SFHA) solutions and Access
Problem
Veritas is aware of the issues known as "Meltdown" (CVE-2017-5754) and "Spectre" (CVE-2017-5753 & CVE-2017-5715) that affect software running on Intel, AMD and ARM processors. Several vendors have released updated operating system kernels/patches, to mitigate these issues.
Error Message
Cause
Solution
Veritas is investigating the impact of these issues on the Veritas products above and the effect of these kernel patches.
At this time, performance impact to the products above is unknown. Veritas is working to determine measurable performance impact.
Veritas will update this article as new information becomes available.
For more information on Meltdown and Spectre please see the following:
InfoScale/Storage Foundation functional test matrix
Completed items indicated no functionality issues with new kernel patch
| Platform | Version | Kernel version | InfoScale/SFHA | Qualified | InfoScale/SFHA Patch used* |
| RHEL | 6.9 | 2.6.32-696.18.7.el6 | SFHA 6.0.5 | Complete | https://sort.veritas.com/patch/detail/11718 |
| RHEL | 6.9 | 2.6.32-696.18.7.el6 | SFHA 6.1.1 | Complete | https://sort.veritas.com/patch/detail/12733 |
| RHEL | 6.9 | 2.6.32-696.18.7.el6 | SFHA 6.2.1 | Complete | https://sort.veritas.com/patch/detail/12486 |
| RHEL | 6.9 | 2.6.32-696.18.7.el6 | InfoScale 7.2 | Complete | No Patch required |
| RHEL | 6.9 | 2.6.32-696.18.7.el6 | InfoScale 7.1 | Complete | https://sort.veritas.com/patch/detail/11652 |
| RHEL | 7.2 | 3.10.0-327.62.4 | InfoScale 7.2 | Complete | No Patch required |
| RHEL | 7.3 | 3.10.0-514.36.5 | InfoScale 7.1 | Complete | https://sort.veritas.com/patch/detail/12026 |
| RHEL | 7.3 | 3.10.0-514.36.5 | SFHA 6.2.1 | Complete | https://sort.veritas.com/patch/detail/12263 |
| RHEL | 7.4 | 3.10.0-693.11.6 | InfoScale 7.2 | Complete | https://sort.veritas.com/patch/detail/13053 |
| RHEL | 7.4 | 3.10.0-693.11.6 | InfoScale 7.3 | Complete | https://sort.veritas.com/patch/detail/12936 |
| RHEL | 7.4 | 3.10.0-693.11.6 | SFHA 6.2.1 | Complete | https://sort.veritas.com/patch/detail/13056 |
| SLES | 11 SP3 | 3.0.101-0.47.106.11.1 | SFHA 6.1.1 | Complete | No Patch required |
| SLES | 11 SP4 | 3.0.101-108.21.1 | SFHA 6.1.1 | Complete | https://sort.veritas.com/patch/detail/11776 |
| SLES | 12 SP2 | 4.4.103-92.56.1 | SFHA 6.2.1 | Complete | https://sort.veritas.com/patch/detail/12644 |
*The InfoScale/SFHA patches used were required for the OS update support.
Support for retpoline enabled kernels
Some linux vendors have produced retpoline enabled kernels to prevent against Spectre vulnerability.
Veritas is developing patches which contain updated InfoScale/SFHA kernel components which have been re-compiled with a retpoline compiler. The following table lists InfoScale/SFHA support on retpoline enabled kernels
| OS Version | InfoScale/SFHA version |
Kernel | IS/SFHA Patch | Status |
| RHEL 7.5 | 7.3.1 | 3 .10.0-862.el7.x86_64 | 7.3.1.100 | Released |
| RHEL 7.6 | 7.3.1 | 3.10.0-957.1.3 | 7.3.1.200 | Released |
| RHEL 7.4 | 6.2.1 | 3.10.0-693.21.1.el7.x86_64 | 6.2.1.500 | Released |
| RHEL 7.5 | 6.2.1 | 3.10.0-862.el7.x86_64 | 6.2.1.600 | Released |
| RHEL 6.10 | 6.2.1 | 2.6.32-754 | 6.2.1.400 | Released |
| RHEL 6.9 | 6.2.1 | 2.6.32-696.23.1.el6 | 6.2.1.300 | Released |
| RHEL 6.10 | 6.0.5 | 2.6.32-754 | 6.0.5.600 | Released |
| SLES11 SP4 | 7.4 | 3.0.101-108.74 | 7.4.0.1100 | Released |
| SLES11 SP4 | 6.2.1 | 3.0.101-108.71.1 | 6.2.1.100 | Released |
| RHEL 7.6 | 7.4 | 3.10.0-957.el7.x86_64 | 7.4.0.1200 | Released |
| RHEL 6.10 | 7.3.1 | 2.6.32-754 | 7.3.1.100 | Released |
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.