My Oracle Support Banner

Responding to the CVE-2017-5753 (Spectre v1), CVE-2017-5715 (Spectre v2), and CVE-2017-5754 (Meltdown) vulnerabilities in Oracle Linux and Oracle VM on Oracle x86 Servers (Doc ID 2370398.1)

Last updated on JANUARY 21, 2022

Applies to:

Linux OS - Version Oracle Linux 6.9 with Unbreakable Enterprise Kernel [4.1.12] to Oracle Linux 6.9 with Unbreakable Enterprise Kernel [4.1.12] [Release OL6U9]
Information in this document applies to any platform.

Purpose

This document applies to Oracle Linux and Oracle VM on Oracle x86 Servers only, and NOT to Oracle Engineered Systems. Engineered Systems patches, when available will be documented in MOS Doc ID 2347948.1.

Oracle recommends that customers running Oracle Linux and/or Oracle VM on Oracle x86 Servers respond to the CVE-2017-5753 (Spectre v1), CVE-2017-5715 (Spectre v2), and CVE-2017-5754 (Meltdown) vulnerabilities in two ways:

  1. Use the necessary Intel CPU microcode, and
  2. Use the necessary Kernel and Xen packages on systems running Oracle Linux or Oracle VM

Scope

Oracle x86 Servers – all versions
Oracle Linux – all versions
Oracle VM – all versions

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Purpose
Scope
Details
 A) Application of the Intel CPU microcode
 B) Application of software updates for Oracle Linux and Oracle VM for x86
 B1) Software updates for Oracle Linux
 B2) Software updates for Oracle VM for x86
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.