Recently, our site reliability engineering team started getting alerted about memory pressure on some of our Redis instances which have very small working sets. As we started digging into the issue, it became clear that there were problems with freeing memory after initial allocation because there were a relatively small number of keys but a comparatively large amount of memory allocated by redis-server processes. Despite initially looking like a leak, the problem was actually an issue between an alternative memory allocator and transparent huge pages.
Earlier today, CVE-2015-3456, a security vulnerability also known as VENOM was publicly announced. This bug in KVM/QEMU, our virtualization environment, could potentially exploit a VM's virtual floppy driver as described in detail here and here. DigitalOcean has conducted a thorough audit of our platform and taken steps to mitigate the issue.