CrownCloud - Status Center

Issue # Subject Type Status % Completed Last updated at
52Venom/QEMU Patch related reboots on KVM nodesOtherResolved
100%
2015-05-14 21:19:13

CrownCloud - Status - Venom/QEMU Patch related reboots on KVM nodes

Updates on this issue :


2015-05-14 21:19:02

All nodes have been patched, DE12, LA11 etc. Closing issue.

2015-05-14 00:24:05

LA04 going down for upgrade and LA11 as well

2015-05-14 00:19:43

LA09 is back online after the reboot. PHX01 is back online after the reboot.

2015-05-13 23:37:08

DE9 back online, PHX01 going for reboot now.

2015-05-13 23:35:13

DE7 is back online and DE9 is going for a reboot now.

2015-05-13 23:22:45

DE11 is back online after the reboot and the VPSes are booting up on it now. DE7 is going for a reboot now.

2015-05-13 22:53:28

Node DE11 has been patched and rebooted now. Currently is safely turning off VPSes (soft-shutdown) on the node and will then reboot.

2015-05-13 22:51:27

Hello,

We will be performing a reboot on our KVM nodes to patch QEMU-KVM against the security issues recently highlighted by the "Venom" vulnerability. Please note this affects all providers, big or small using anything related to QEMU, QEMU powers KVM, XEN, VirtualBox and various other virtualization software. This is a serious vulnerability which requires a reboot of the host-node to effectively restart the QEMU process with the new and patched QEMU version which we have installed on the nodes.

 

More info:

http://arstechnica.com/security/2015/05/extremely-serious-virtual-machine-bug-threatens-cloud-providers-everywhere/

 

We will continue to post information and further updates here as we go from node to node.