Performance impact observed after Red Hat Enterprise Linux upgrade due to Retbleed CVE vulnerability mitigations

Significant performance impact for customers updating from RHEL 7.x, 8.x, or 9.0 kernels without Retbleed vulnerability mitigations to a newer RHEL kernel with Retbleed vulnerability mitigations. This includes OCP 4.10 to 4.12.

Upgrading from a RHEL kernel without Retbleed (CVE-2022-29900 / CVE-2022-23816, CVE-2022-29901, CVE-2022-23825) vulnerability mitigatfeions to a kernel that does support Retbleed mitigations result in a performance impact. Observed primarily on the Intel Skylake family of Processors.

Updates from a previous version of Red Hat Enterprise Linux to 8.6 or to 9.0+ result in performance degradation.

Updates from OpenShift Container Platform (OCP) version 4.10 to 4.12 result in performance degradation.

Red Hat Enterprise Linux follows the upstream kernel by mitigating Retbleed related security vulnerabilities by default. It is strongly recommended that customers weigh the repercussions of disabling the Retbleed mitigations against their internal security policies prior to disabling any such mitigations.

For more detailed information, please refer to the knowledgebase article.