Oracle has deployed technical mitigations across Oracle Cloud Infrastructure systems designed to prevent a malicious attacker's virtual machine (VM) instance from accessing data from other VM instances.
However, if you manage your own operating systems (OS), you are advised to keep up with OS security patches to address this vulnerability.
The following sections contain the details of mitigations and actions.
If you use Autonomous Database for Analytics and Data Warehousing and Autonomous Database for Transaction Processing and Mixed Workloads, you have no further action to take.
To help secure your existing worker nodes for the Oracle Cloud Infrastructure Kubernetes Engine, Oracle recommends replacing your current node pools with new node pools. Follow the instructions described in Upgrading Managed Nodes to a Newer Kubernetes Version. All worker nodes created or upgraded after May 14, 2019 are not impacted by this security issue.
Other Oracle Cloud Infrastructure Services
Technical mitigations designed to protect all other Oracle Cloud Infrastructure services against the MDS processor vulnerabilities have been deployed. Oracle notified customers if other maintenance activities were required.
Oracle Cloud Infrastructure Classic and Oracle Platform Service on Oracle Cloud Infrastructure Classic 🔗
In response to the MDS processor vulnerabilities, Oracle is performing mandatory maintenance for Infrastructure and Platform Services on Oracle Cloud Infrastructure Classic.
Platform Service hosts managed by Oracle are being patched by Oracle. If you manage your own operating systems, you are advised to keep up with the appropriate OS security patches to address these vulnerabilities.