Meltdown and Spectre are two exploits that affect nearly all devices powered by modern processors. Meltdown can be exploited by an unprivileged attacker to maliciously obtain sensitive information stored in kernel memory. Meltdown is addressed in the linux kernel 4.9.75+. We are already in the process of releasing RancherOS 1.1.3 with the updated kernel and will ship the release as soon as it is ready. Currently, Spectre is still undergoing analysis for a fix. We’ll be monitoring the progress on Spectre and will provide a release as soon as a is available upstream.
Details on the vulnerabilities can be found here:
Related RancherOS github issue: