CPU Side Channel Microcode Detection in Hosted/Cloud Environments

Solution In Progress - Updated 2019-07-15T13:58:02+00:00 -

English

• No translations currently exist.

Environment

Red Hat Enterprise Linux running on a hosted or cloud platform where microcode is not exposed to the guest.

Issue

• I want to know if my cloud-hosted server is protected against CPU side Channel attacks.
• Is my server safe against [Spectre/Meltdown, L1TF, MDS, etc.]?

Resolution

After running the detection script, system administrator is referred to this page. Please consult your cloud provider for how they enable protections for CPU side channel attacks:
AWS

Root Cause

Many cloud providers do not forward the appropriate codes to guest operating systems to enable detection of vulnerability status. Please consult your cloud provider for more details about how they are preventing these attacks for guests within their operating environment.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.