||A number of critical vulnerabilities have been discovered that affect multiple CPU architectures (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754). Our analysis shows this vulnerability does not directly affect the SME File Fabric Server. As best practice, 3rd party software and direct access to the File Fabric where these exploits could be utilized is not supported or recommended.
For customers who have deployed Enterprise File Fabric Server on a hypervisor or in the cloud please follow the advice provided by your hypervisor vendor or cloud host. For most deployments this will involve restarting the Enterprise File Fabric instance once the cloud or hypervisor has been patched.
For customers running a v10 or later instance patching can be achieved by following the following steps:
Log into the console as smeconfiguser and elevate to root:
As the root user run the following command:
yum update kernel -y
This will install kernel version 3.10.0-693.11.6.el7
or later which have been patched for Meltdown and Spectre.
Output similar to the following confirms the kernel patch applied.
Reboot the appliance to complete the patching with the following command:
For SME hosted customers SME will be handling the security updates to the infrastructure in co-ordination with our hosting partners. Contact support if you have any further questions.
The following two tabs change content below.
Doug's focus is in Object and Cloud Storage APIs, Data Governance, Virtualization, and Containerization.