Ravello Service Critical Security Maintenance
Scheduled Maintenance Report for Ravello Systems
Completed
The scheduled maintenance has been completed.
Posted 10 months ago. Aug 14, 2018 - 18:58 UTC
Scheduled
On August 14th, 2018, Intel has disclosed a new set of speculative execution side-channel processor vulnerabilities affecting their processors.
These L1 Terminal Fault (L1TF) vulnerabilities affect a number of Intel processors, and they have received three CVE identifiers: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646.
For more information, see https://blogs.oracle.com/oraclesecurity/intel-l1tf

Oracle has deployed technical mitigations across Oracle Ravello services designed to prevent malicious attacker’s VM from accessing data from other VM instances.
However, vulnerability CVE-2018-3620 could enable a rogue user mode process to read privileged kernel memory within the same virtual machine. As a result, customers are advised to keep up with OS security patches and patch their VMs’ operating systems per OS vendor's guidance to address this vulnerability.

- What actions have been taken by Oracle Ravello to protect against L1TF?

In response to these Intel vulnerabilities, Oracle Ravello has carried out maintenance to the underlying Oracle cloud infrastructure between Monday, August 13th, and Tuesday, August 14th in all regions. The underlying infrastructure was patched to protect your workloads from the L1TF vulnerability.
Email messages were sent to customers with specific VM instances to inform them that their instances required a manual HW cycle to be performed by August 17th at 20:00 UTC.
In the event that these customers do not stop-start their application by this date, the application will be stop-started automatically by Ravello.

- What customer actions are needed to protect against L1TF?

Oracle has deployed technical mitigations across Oracle Ravello services designed to prevent malicious attacker’s VM from accessing data from other VM instances.
However, vulnerability CVE-2018-3620 could enable a rogue user mode process to read privileged kernel memory within the same virtual machine. As a result, customers are advised to keep up with OS security patches and patch their VMs’ operating systems per OS vendor's guidance to address this vulnerability.
Some customers who received an email from Ravello Operations should follow the instructions and power cycle instructed VMs.
Posted 10 months ago. Aug 14, 2018 - 18:57 UTC
This scheduled maintenance affected: Security.