Impact of CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715 (Meltdown & Spectre) to Red Hat JBoss products

Solution Verified - Updated -

Issue

  • I’ve read about an issue that affects computer processors and the kernel. How does this affect Red Hat JBoss products?
  • What do we need to do to protect our Red Hat JBoss environments from attacks using Meltdown and Spectre?
  • We would like to have officially RedHat to confirm if there are fixes applicable to the JBoss Application servers 6.x and 7.x versions. Also, would there be any performance hit if the fixes are applied at whichsoever layer(s)?
  • Is there any impact on JBoss EAP products? How can we fix them?
  • I would like to know if we need to apply any patches/fixes to JBoss6.4 for these CVEs. Or is applying the fixes to the operating system kernel the only solution to address the issue?

Environment

  • All Red Hat JBoss products

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In