Critical Maintenance for CPU Vulnerabilities
Incident Report for Linode
Identified
A number of serious security vulnerabilities affecting multiple CPU architectures were recently disclosed by Google’s Project Zero team as outlined in our blog post[1]. In order to address these vulnerabilities, the host on which your Linode resides will need to undergo maintenance. This is the first of several separate maintenances that will be necessary to fully mitigate these vulnerabilities.

Each Linode's maintenance window will be communicated to you via support ticket and will also be visible within the Linode Manager. During the maintenance window, your Linode will be cleanly shut down and will be unavailable while we perform the updates. A two-hour window is allocated, however the actual downtime should be much less. After the maintenance has concluded, each Linode will be returned to its last state (running or powered off).

You can prepare your Linode for this maintenance by following our Reboot Survival Guide. By following this guide before your maintenance, you will be able to ensure that services running on your Linode are resumed properly. The Reboot Survival Guide is available here:

https://www.linode.com/docs/uptime/reboot-survival-guide

These updates affect the underlying infrastructure that your Linode resides on and will not affect the data stored within your Linode. In order to fully mitigate the Meltdown vulnerability, you must update your Linode’s kernel to version 4.14.11 or later. If your Linode’s Configuration Profile is set to utilize our latest kernel, your Linode will automatically use 4.14.11 or later upon rebooting.

We have also made a guide available with more information on these vulnerabilities and how you can protect your Linode:

https://www.linode.com/docs/platform/meltdown_statement/

We regret the short notice and the downtime required for this maintenance. However, due to the severity of these vulnerabilities, we have no choice but to take swift and immediate action to ensure the safety and security of our customers. For these reasons, we must adhere to a strict timetable, and will not be able to reschedule or defer this maintenance.

Stay tuned for more information.

[1] https://blog.linode.com/2018/01/03/cpu-vulnerabilities-meltdown-spectre
Posted 12 days ago. Jan 10, 2018 - 22:17 UTC