Performance impact observed after Red Hat Enterprise Linux upgrade due to Retbleed CVE vulnerability mitigations
Issue
- Upgrading from a RHEL kernel without Retbleed (CVE-2022-29900 / CVE-2022-23816, CVE-2022-29901, CVE-2022-23825) vulnerability mitigations to a kernel that does support Retbleed mitigations may result in a performance impact. Observed primarily on the Intel Skylake family of Processors.
- This can happen when upgrading from older RHEL 7.x, 8.x, or 9.0 kernels without Retbleed vulnerability mitigations to a newer RHEL kernel with Retbleed vulnerability mitigations.
- Common examples also include updating OpenShift Container Platform (OCP) version 4.10 to 4.11 or 4.10 to 4.12.
- How much of a performance impact do I get from the Retbleed mitigation?
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 9
- OpenShift Container Platform 4.11
- OpenShift Container Platform 4.12
- Intel and AMD processors
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.