By Ralph Bateman, IBM (Original post here)
We’re taking action to secure our IBM Cloud Container Service against the recent Spectre and Meltdown security vulnerabilities.
We’ve been working closely with our vendors and IBM Cloud Infrastructure teams concerning the security vulnerability announced on January 3, 2018. This vulnerability has the potential to allow those with malicious intent to gather sensitive data from computing devices. Intel believes these exploits do not have the potential to corrupt, modify, or delete data.
What’s been done
The hypervisors have already been patched (see IBM Cloud Infrastructure Blog). Now, the kernel for all VMs that run Kubernetes worker nodes must be updated.
We have updated the cloud image that is used to create IBM Cloud Container Service
How do I mitigate the issue
Lite clusters will be patched beginning Monday 15th January by the
How to check my version
You can check the version of your workers using the “bx cs workers <my_clusterid>”
Your cluster should be on of the following versions: