This document provides the details for applying the Meltdown/Spectre vulnerability patch to your instance of CyOPs™. The updated and new kernel of Linux CentOS version 3.10.0-693.17, as well as CyOPs™ 4.10.3 and later, will already contain the patch.
Important: Ensure that you take a snapshot of the VM in both ESXI and AWS before making any changes or applying any patches. DO NOT SKIP THIS STEP.
Notes in case of CyOPs™ 4.10.3
Run the following commands from the command prompt of your CyOPs™ instance. Note that you need to use sudo if you are trying to run the commands as the csadmin user:
The 'update-cyops-os.sh' script performs the following tasks:
Once your CyOPs™ instance is rebooted, run the 'uname -r' command to ensure that your system is using the newly upgraded kernel. The command should display the kernel version as 3.10.0-693.17.
The following messages are seen on AWS instances post upgrade. You can ignore these errors during the cleanup stage. These messages come from the uninstallation of the previous kernel:
usr/lib/dracut/modules.d/40network/module-setup.sh:
line 31:
/lib/modules/3.10.0-514.21.2.el7.x86_64///lib/modules/3.10.0-514.21.2.el7.x86_64/kernel/drivers/net/wan/hdlc.ko:
No such file or directory
/usr/lib/dracut/modules.d/40network/module-setup.sh:
line 31:
/lib/modules/3.10.0-514.21.2.el7.x86_64///lib/modules/3.10.0-514.21.2.el7.x86_64/kernel/drivers/net/wan/hdlc_raw.ko:
No such file or directory
/usr/lib/dracut/modules.d/50drm/module-setup.sh:
line 26:
/lib/modules/3.10.0-514.21.2.el7.x86_64///lib/modules/3.10.0-514.21.2.el7.x86_64/kernel/drivers/gpu/drm/nouveau/nouveau.ko:
No such file or directory
/usr/lib/dracut/modules.d/50drm/module-setup.sh:
line 26:
/lib/modules/3.10.0-514.21.2.el7.x86_64///lib/modules/3.10.0-514.21.2.el7.x86_64/kernel/drivers/gpu/drm/udl/udl.ko:
No such file or directory
/usr/lib/dracut/modules.d/90kernel-modules/module-setup.sh:
line 14:
/lib/modules/3.10.0-514.21.2.el7.x86_64///lib/modules/3.10.0-514.21.2.el7.x86_64/kernel/drivers/gpio/gpio-ich.ko:
No such file or directory
/usr/lib/dracut/modules.d/90kernel-modules/module-setup.sh:
line 14:
/lib/modules/3.10.0-514.21.2.el7.x86_64///lib/modules/3.10.0-514.21.2.el7.x86_64/kernel/drivers/gpio/gpio-viperboard.ko:
No such file or directory
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.