Transparent Huge Pages and Alternative Memory Allocators: A Cautionary Tale

Recently, our site reliability engineering team started getting alerted about memory pressure on some of our Redis instances which have very small working sets. As we started digging into the issue, it became clear that there were problems with freeing memory after initial allocation because there were a relatively small number of keys but a comparatively large amount of memory allocated by redis-server processes. Despite initially looking like a leak, the problem was actually an issue between an alternative memory allocator and transparent huge pages.

Read More

Update on CVE-2015-3456, aka the VENOM Security Vulnerability

Earlier today, CVE-2015-3456, a security vulnerability also known as VENOM was publicly announced. This bug in KVM/QEMU, our virtualization environment, could potentially exploit a VM's virtual floppy driver as described in detail here and here. DigitalOcean has conducted a thorough audit of our platform and taken steps to mitigate the issue.

Read More