Security News > 2022 > September > VMware: 70% drop in Linux ESXi VM performance with Retbleed fixes

VMware: 70% drop in Linux ESXi VM performance with Retbleed fixes
2022-09-12 15:33

VMware is warning that ESXi VMs running on Linux kernel 5.19 can have up to a 70% performance drop when Retbleed mitigations are enabled compared to the Linux kernel 5.18 release.

More specifically, the VMware performance team noticed regressions on ESXi virtual machines of up to 70% in computing, 30% in networking, and 13% in storage.

VMware found that disabling the Retbleed security mitigation via the "Spectre v2=off" kernel boot parameter restored the Linux VM's performance to the levels of the 5.18 release, confirming that the fixes are the sole reason behind the drop in performance.

Linux's mitigation of Retbleed on kernel version 5.19 has had a detrimental effect on performance, which could result in a wide range of business issues on production systems and cloud infrastructure.

With such a performance drop, many system administrators who believe Retbleed is more of a theoretical rather than a real threat to their systems will be open to taking the trade-off by disabling the mitigations.

For now, the Linux kernel development team hasn't discussed the massive performance impact nor promised to revisit the mitigations and implement a more "Surgical" fix, so the situation remains risky.


News URL

https://www.bleepingcomputer.com/news/linux/vmware-70-percent-drop-in-linux-esxi-vm-performance-with-retbleed-fixes/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2312 1489 67 3932