Datrium DVX and CVE-2017-5753, CVE-2017-5715 (Spectre), CVE-2017-5754 (Meltdown)

Datrium has investigated impacts and mitigation options for Spectre, Meltdown, and related issues.

● http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753

● http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715

● http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754

● Datrium DVX software is not directly affected and no action is required.

● Datrium Data Nodes are not affected and no action is required.

● 3rd party servers being used as Compute Nodes likely need to be patched with updated BIOS / firmware.

● Any Compute Nodes (Datrium or 3rd party) running ESXi should be patched with VMware fixes.

● Guest OS instances will likely need to be patched.

3rd party servers that are being used in a DVX system should be updated based on recommendations from the server vendor. Please contact the server vendor directly for details.

All Compute Nodes (both Datrium and 3rd Party) in any DVX that are running ESXi should update to the appropriate patches from VMware. For more information, please see the following link:

It is very likely that all guest OS instances running in DVX will need to be patched. Please contact the OS vendor directly for details and recommendations.

At this time we are unaware of any significant impact on performance from BIOS and VMware patches. However, based on reported behavior of the various fixes from VMware and server vendors, it is possible that some workloads will exhibit some non-trivial changes in performance related to guest OS patches and updates. We recommend that you work closely with your guest OS vendors to ensure performance concerns are addressed.