mirror of
https://github.com/speed47/spectre-meltdown-checker
synced 2025-01-03 10:05:44 +01:00
update readme
This commit is contained in:
parent
64eb1d005c
commit
9def0c949a
24
README.md
24
README.md
@ -28,24 +28,24 @@ Example of the output of the script:
|
|||||||
|
|
||||||
```
|
```
|
||||||
$ sudo ./spectre-meltdown-checker.sh
|
$ sudo ./spectre-meltdown-checker.sh
|
||||||
Spectre and Meltdown mitigation detection tool v0.02
|
Spectre and Meltdown mitigation detection tool v0.07
|
||||||
|
|
||||||
CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
|
CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
|
||||||
* Kernel compiled with LFENCE opcode inserted at the proper places: NO (only 38 opcodes found, should be >= 60)
|
* Kernel compiled with LFENCE opcode inserted at the proper places: NO (only 38 opcodes found, should be >= 60)
|
||||||
> STATUS: VULNERABLE
|
> STATUS: VULNERABLE
|
||||||
|
|
||||||
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
|
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
|
||||||
* Mitigation 1
|
* Mitigation 1
|
||||||
* Hardware (CPU microcode) support for mitigation: NO
|
* Hardware (CPU microcode) support for mitigation: NO
|
||||||
* Kernel support for IBRS: NO
|
* Kernel support for IBRS: NO
|
||||||
* IBRS enabled for Kernel space: NO
|
* IBRS enabled for Kernel space: NO
|
||||||
* IBRS enabled for User space: NO
|
* IBRS enabled for User space: NO
|
||||||
* Mitigation 2
|
* Mitigation 2
|
||||||
* Kernel recompiled with retpolines: UNKNOWN (check not yet implemented)
|
* Kernel compiled with retpolines: NO
|
||||||
> STATUS: VULNERABLE (IBRS hardware + kernel support OR retpolines-compiled kernel are needed to mitigate the vulnerability)
|
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpolines are needed to mitigate the vulnerability)
|
||||||
|
|
||||||
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
|
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
|
||||||
* Kernel supports Page Table Isolation (PTI): YES
|
* Kernel supports Page Table Isolation (PTI): YES
|
||||||
* PTI enabled and active: YES
|
* PTI enabled and active: YES
|
||||||
> STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)
|
> STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)
|
||||||
```
|
```
|
||||||
|
Loading…
Reference in New Issue
Block a user