Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
25% Recurring Discount on NVMe VPS
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
CloudLinux
Shells Virtual Desktop
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Anyone else not patched Januscape yet?

YachiyoYachiyo Member

It was definitely caused by CVE-2026-53359.

Naranja has already patched it, and SoftShellWeb and 24Fire likely have as well (at least, their servers went offline briefly a few days ago, and monitoring probes showed a reboot).

«13

Comments

  • servers_guruservers_guru Member, Patron Provider

    working on it fleet wide as we speak..

    Thanked by 2fatchan forest
  • fatchanfatchan Member, Host Rep
    edited July 9

    Patched:

    Not sure/haven't heard any maintenance announcement:

    • Vultr
    • Binarylane
    • Alexhost
    • Hosthatch
  • hyperblasthyperblast Member
    edited July 9

    patched (guess, because of unreported reboots):
    @ComputeBox
    @Avoro @dataforest

    not sure:
    @berohost
    @labze
    @MannDude
    at IONOS
    @layer7
    @lnx
    @DediRock

  • slowserversslowservers Member, Host Rep

    Slow Servers is unaffected!

  • sliixsliix Member
    edited July 9

    Just did for 2 of my Proxmox nodes. Not that I have anyone else using the VMs inside them anyways haha.

    For the VPSs I have, I know GreenCloud already done it. Didn't realise/not sure about the others in my signature tho.

  • nghialelenghialele Member

    What is a patch

  • ComputeBoxComputeBox Member, Patron Provider

    @hyperblast said:
    patched (guess, because of unreported reboots):
    @ComputeBox
    @Avoro @dataforest

    not sure:
    @berohost
    @labze
    @MannDude
    at IONOS
    @layer7
    @lnx
    @DediRock

    Yes, all our systems were patched on Tuesday

    Thanked by 1hyperblast
  • If it weren't for laws and stuff, we could help by rebooting the host node from inside the VM :)

  • layer7layer7 Member, Host Rep, LIR

    Hi,

    pure nightmare :-)

    Still on it after some hours of sleep. Too many machines, and of course also tralalala issues with what ever ( including motherboard?! defects after reboots <3 )...

    Most is done. Rest will be done today...

    Thanked by 1hyperblast
  • @nghialele said:
    What is a patch

    Patch is a piece of tape on the changed / buggy section of a code stored on a punched card:

    Punched card: tape patch

  • forestforest Member

    @layer7 said: Still on it after some hours of sleep. Too many machines, and of course also tralalala issues with what ever ( including motherboard?! defects after reboots <3 )...

    A good reason to use kexec whenever possible! That won't fry your mobo.

  • layer7layer7 Member, Host Rep, LIR

    @forest said:
    A good reason to use kexec whenever possible! That won't fry your mobo.

    Hi,

    in general i agree with you. But i do actually prefer that hardware defects appear during maintenance and not randomly when in holidays.

    A system that does not survive a reboot is obviously not ok. So its better to know that in this situation compared to other....

    Thanked by 1forest
  • dbadudedbadude Member

    patched? no yolo

  • servers_guruservers_guru Member, Patron Provider

    30% done :'(

  • yoursunnyyoursunny Member, IPv6 Advocate

    Brief downtime detected in past 2 days likely due to node reboot:

    • HostHatch
    • GreenCloudVPS
    • Crunchbits
    • NanoKVM
    • Limitless
    • HostBrr
    • SMC
    • Heartbeat IT

    No brief downtime detected:

    • Advin Servers
    • DigiRDP
    • Hostodo
    • DartNode
    • Evolution
    • VirMach
    • Hosteroid
    • HOST-C
    • F4 Networks
    • NoAck Hosting
    • BuyVM
    • Paradox Networks
    • SiteHUB Agency
  • forestforest Member
    edited July 9

    @yoursunny said: No brief downtime detected:

    Although that can indicate a lack of upgrading, it's also possible that they migrated your VM to another node in order to upgrade and then migrated it back. Such downtime would be very brief and the VM itself wouldn't reboot.

    @yoursunny said: Advin Servers

    I got an email from them notifying me of the an upcoming reboot for maintenance. According to their linked status page:

    Starting shortly, the maintenance will commence in our Johor, MY location. Each individual server will offline for a period of 5-30 minutes, depending on the specific hypervisor. We will update the status page when maintenance starts in our Johor, MY location.

    The rest of our locations are currently pending scheduling.

    Btw, as far as I know, this vulnerability only matters for hosts that enable nested virtualization, so some hosts may not need to perform any upgrades.

    Thanked by 3yoursunny bbmmsvr4u xms
  • daviddavid Member
    edited July 9

    For RackNerd:

    https://status.racknerd.com/

    Our infrastructure team has completed our response to CVE-2026-53359, also known as “Januscape.” At this time, we have verified that 100% of our KVM VPS fleet is protected against this CVE through either successfully applied live mitigations or completed host-node reboots where additional verification was required.

    For customers whose VPS experienced a brief reboot, this means your VPS was on a host node where we could not fully verify that the live mitigation had been successfully applied without a reboot. Out of an abundance of caution, that host node was rebooted to ensure the appropriate kernel-level patches and mitigations were fully in place.

    For customers whose VPS did not reboot, this means the required live/in-memory mitigation was successfully applied and verified on the underlying host node without requiring a reboot or service interruption.

    This was a proactive security response and was not related to any known security incident or compromise affecting RackNerd or our customers. No customer action is required. Security remains our top priority, and we sincerely appreciate your patience and understanding while our team completed this work.

    Thanked by 1Void
  • zedzed Member

    i've only received comms about this from ovh (and i see they rebooted all my shit a few hours ago).

  • dosaidosai Member

    How to check?

  • therawtheraw Member

    @dosai said:
    How to check?

    about 99.99% of people are checking nested virt if is enabled and calling it vulnerable and disabling it.

    Thanked by 1dosai
  • VoidVoid Member
    edited July 9

    All my Racknerd servers rebooted

  • @yoursunny said: No brief downtime detected:

    Advin Servers

    I just received this email today from them about this:

    Date: Wed, 8 Jul 2026 21:35:15 +0000
    From: Advin Servers support@advinservers.com
    Reply-To: Advin Servers support@advinservers.com
    Subject: Emergency Maintenance Notice: Critical Kernel Vulnerability (All Locations)

    A critical vulnerability in the Linux kernel, known as "Januscape," has recently been publicly disclosed. This vulnerability affects virtualization and poses a significant risk to system security and stability.

    In response, we are immediately patching all nodes across all locations to the latest kernel version. We apologize for the short notice; however, given the severity of this vulnerability, immediate action is necessary to protect our infrastructure and your services.

    What this means for you:
    This patching process will require a reboot of all affected servers. Due to the scale of our infrastructure and the urgency of this fix, we are unable to schedule individual maintenance windows for each hypervisor or server. Instead, we are patching all systems as quickly as possible on a rolling basis.

    Each server will experience a brief outage of approximately 5-30 minutes, depending on the specific hypervisor.

    Stay informed:
    Please monitor our status page for real-time updates on patching progress:
    https://clients.advinservers.com/serverstatus.php

    If your server goes offline, please check the status page first to see whether your server's hypervisor or location is currently undergoing patching. If it is not listed as under maintenance, please open a support ticket so our team can investigate.

    We understand this may cause temporary disruption, and we sincerely appreciate your patience and understanding as we work to keep your services secure.

  • layer7layer7 Member, Host Rep, LIR

    @forest said:
    Although that can indicate a lack of upgrading, it's also possible that they migrated your VM to another node in order to upgrade and then migrated it back. Such downtime would be very brief and the VM itself wouldn't reboot.

    Hi,

    yes, in our case all network storage driven products are live migrated somewhere else on the cluster and the host updated/upgraded/what ever. This comes with 0 downtime for the customers.

    Even with our local storage driven products we do it like this, as they are low in host numbers. Sizes of OVH and similar wont do that hassle. Its also hurting the NVMe drives write duration.

    But also we have real single warrior servers that had to be rebooted including the downtime for the customers, like the 5 / 10 TB special offers we made here.

    As by now, only one host is left, finally....

  • raindog308raindog308 Administrator, Veteran

    I really need to update my home Proxmox from 8.4.19. Maybe this will give me the nudge to do it so I don't exploit myself.

  • DrNutellaDrNutella Member
    edited July 10

    I still play with RuneScape. Pretty safe. Just PVP nonsense with my runeite ore mining in the wild.

  • sliixsliix Member
    edited July 10

    @DrNutella said:
    I still play with RuneScape. Pretty safe. Just PVP nonsense with my runeite ore mining in the wild.

    I miss Runescape. Played since 2006. I still logged in like once a week. Nobody in my friends list ever turn green though, not to mention lot of them are the number placeholders :(

    Thanked by 1beanman109
  • bobertbobert Member

    question is which hosts use no reboot patching

  • DrNutellaDrNutella Member
    edited July 10

    @sliix said:

    @DrNutella said:
    I still play with RuneScape. Pretty safe. Just PVP nonsense with my runeite ore mining in the wild.

    I miss Runescape. Played since 2006. I still logged in like once a week. Nobody in my friends list ever turn green though, not to mention lot of them are the number placeholders :(

    Every few years I try to log in guessing my password. Sometimes I get it right and cant even remember which combo I tired. This is beforei we had emails honestly

    Thanked by 1sliix
  • bbmmsvr4ubbmmsvr4u Member, Patron Provider

    @layer7 said:

    @forest said:
    Although that can indicate a lack of upgrading, it's also possible that they migrated your VM to another node in order to upgrade and then migrated it back. Such downtime would be very brief and the VM itself wouldn't reboot.

    Hi,

    yes, in our case all network storage driven products are live migrated somewhere else on the cluster and the host updated/upgraded/what ever. This comes with 0 downtime for the customers.

    Even with our local storage driven products we do it like this, as they are low in host numbers. Sizes of OVH and similar wont do that hassle. Its also hurting the NVMe drives write duration.

    But also we have real single warrior servers that had to be rebooted including the downtime for the customers, like the 5 / 10 TB special offers we made here.

    As by now, only one host is left, finally....

    :D high 5~

    @sliix said:

    @DrNutella said:
    I still play with RuneScape. Pretty safe. Just PVP nonsense with my runeite ore mining in the wild.

    I miss Runescape. Played since 2006. I still logged in like once a week. Nobody in my friends list ever turn green though, not to mention lot of them are the number placeholders :(

    Tibia, Runescape, Ultima Online, really love these three hahhaha

Sign In or Register to comment.