Stéphane Lesimple
0252e74f94
feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection
2018-09-22 12:26:56 +02:00
Nicolas Sauzede
fbbb19f244
Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. ( #246 )
...
* Fix cases where a CPU ucode version is not found in $procfs/cpuinfo.
When running whithin a virtual machine, it seems like $procfs/cpuinfo doesn't contain
a 'microcode' line, which triggers a script runtime error.
Fall back to '0x0' in this case, as other part of the script seems to already this
as a default value anyway.
* Double quote to prevent globbing and word splitting.
2018-09-19 22:00:59 +02:00
Stéphane Lesimple
1571a56ce2
feat: add L1D flush cpuid feature bit detection
2018-09-19 09:05:23 +02:00
Stéphane Lesimple
3cf9141601
fix: don't display summary if no CVE was tested (e.g. --hw-only)
2018-09-19 09:04:52 +02:00
Stéphane Lesimple
bff38f1b26
BSD: add not-implemented-yet notice for Foreshadow-NG
2018-09-18 22:06:01 +02:00
Stéphane Lesimple
b419fe7c63
feat(variant4): properly detect SSBD under BSD
2018-09-18 22:00:32 +02:00
alexvong1995
f193484a4a
chore: fix deprecated SPDX license identifier ( #249 ) ( #251 )
...
The SPDX license identifier 'GPL-3.0' has been deprecated according to
<https://spdx.org/licenses/GPL-3.0.html >.
2018-09-18 20:00:53 +02:00
Laszlo Toth
349d77b3b6
Fix kernel detection when /lib/kernel exists on a distro ( #252 )
...
Commit b48b2177b7
("feat: Add Clear Linux Distro (#244 )") broke kernel
detection for distros using that directory for other purposes than
storing the kernel image.
Example:
# pacman -Qo /lib/kernel
/usr/lib/kernel/ is owned by mkinitcpio 24-2
/usr/lib/kernel/ is owned by systemd 239.2-1
Signed-off-by: Laszlo Toth <laszlth@gmail.com>
2018-09-18 20:00:20 +02:00
Stéphane Lesimple
e589ed7f02
fix: don't test SGX again in check_CVE_2018_3615, already done by is_cpu_vulnerable
2018-09-17 22:28:04 +02:00
Stéphane Lesimple
ae1206288f
fix: remove some harcoded /proc paths, use $procfs instead
2018-09-17 22:26:20 +02:00
Stéphane Lesimple
b44d2b5470
chore: remove 'experimental' notice of Foreshadow from README
2018-09-17 21:48:20 +02:00
Stéphane Lesimple
7b72c20f89
feat(l1tf): explode L1TF in its 3 distinct CVEs
2018-09-17 21:44:48 +02:00
Luis Ponce
b48b2177b7
feat: Add Clear Linux Distro ( #244 )
...
Add path of Clear Linux kernel binary and kernel config file.
2018-09-15 15:51:49 +02:00
Pierre Gaxatte
8f31634df6
feat(batch): Add a batch short option for one line result ( #243 )
...
When using this script on a large amount a machine (via clustershell or
instance) it can be easier to have a very short result on one line
showing only the vulnerabilities
2018-09-15 15:45:10 +02:00
Luis Ponce
96798b1932
chore: add SPDX GPL-3.0 license identifier ( #245 )
...
The spectre-meltdown-checker.sh file is missing licensing information.
The SPDX identifier is a legally binding shorthand, which can be
used instead of the full boiler plate text.
2018-09-15 15:33:41 +02:00
Stéphane Lesimple
687ce1a7fa
fix: load cpuid module if absent even when /dev/cpu/0/cpuid is there
2018-09-08 23:15:50 +02:00
Stéphane Lesimple
80e0db7cc4
fix: don't show erroneous ucode version when latest version is unknown ( fixes #238 )
2018-08-28 20:51:46 +02:00
David Guglielmi
e8890ffac6
feat(config): support for genkernel kernel config file ( #239 )
...
Add support for distributions using genkernel.
2018-08-28 20:24:37 +02:00
Stéphane Lesimple
b2f64e1132
fix README after merge
2018-08-18 12:09:34 +02:00
unrealization
42a3a61f1d
Slightly improved Docker configuration ( #230 )
...
* Listed the required volumes in the Dockerfile.
* Added docker-compose.yml for convenience as users won't need to manually
specify volumes and stuff when running through docker-compose.
Adjusted README.md to reflect this change.
2018-08-18 12:06:16 +02:00
Karsten Weiss
afb36c519d
Fix typo: 'RBS filling' => 'RSB filling' ( #237 )
2018-08-18 12:05:17 +02:00
Stéphane Lesimple
0009c0d473
fix: --batch now implies --no-color to avoid colored warnings
2018-08-18 12:04:18 +02:00
Stéphane Lesimple
dd67fd94d7
feat: add FLUSH_CMD MSR availability detection (part of L1TF mitigation)
2018-08-16 19:05:09 +02:00
Stéphane Lesimple
339ad31757
fix: add missing l1tf CPU vulnerability display in hw section
2018-08-16 15:19:29 +02:00
Stéphane Lesimple
794c5be1d2
feat: add optional git describe support to display inter-release version numbers
2018-08-16 15:18:47 +02:00
Stéphane Lesimple
a7afc585a9
fix several incorrect ucode version numbers
2018-08-16 10:51:55 +02:00
Stéphane Lesimple
fc1dffd09a
feat: implement detection of latest known versions of intel microcodes
2018-08-15 12:53:49 +02:00
Stéphane Lesimple
e942616189
feat: initial support for L1TF
2018-08-15 12:05:08 +02:00
Stéphane Lesimple
360be7b35f
fix: hide arch_capabilities_msr_not_read warning under !intel
2018-08-13 15:42:56 +02:00
Stéphane Lesimple
5f59257826
bump to v0.39
2018-08-13 15:33:03 +02:00
Stéphane Lesimple
92d59cbdc1
chore: adjust some comments, add 2 missing inits
2018-08-11 10:31:10 +02:00
Stéphane Lesimple
4747b932e7
feat: add detection of RSBA feature bit and adjust logic accordingly
2018-08-10 10:26:23 +02:00
Stéphane Lesimple
860023a806
fix: ARCH MSR was not read correctly, preventing proper SSB_NO and RDCL_NO detection
2018-08-10 10:26:23 +02:00
Stéphane Lesimple
ab67a9221d
feat: read/write msr now supports msr-tools or perl as dd fallback
2018-08-10 10:26:23 +02:00
0x9fff00
f4592bf3a8
Add Arch armv5/armv7 kernel image location ( #227 )
2018-08-09 22:13:30 +02:00
Stéphane Lesimple
be15e47671
chore: setting master to v0.38+
2018-08-09 14:25:22 +02:00
Nathan Parsons
d3481d9524
Add support for the kernel being within a btrfs subvolume ( #226 )
...
- /boot may be within a named root subvolume (eg. "/@/boot")
- /boot may be in its own subvolume (eg. "/@boot")
2018-08-09 14:00:35 +02:00
Stéphane Lesimple
21af561148
bump to v0.38
2018-08-07 10:55:50 +02:00
Stéphane Lesimple
cb740397f3
feat(arm32): add spectrev1 mitigation detection
2018-08-07 10:42:03 +02:00
Stéphane Lesimple
84195689af
change: default to --no-explain, use --explain to get detailed mitigation help
2018-08-04 16:31:41 +02:00
Stéphane Lesimple
b637681fa8
fix: debug output: msg inaccuracy for ARM checks
2018-08-04 16:19:54 +02:00
Stéphane Lesimple
9316c30577
fix: armv8: models < 0xd07 are not vulnerable
2018-08-04 16:19:54 +02:00
Lily Wilson
f9dd9d8cb9
add guess for archlinuxarm aarch64 kernel image on raspberry pi 3 ( #222 )
2018-08-01 00:15:52 +02:00
Stéphane Lesimple
0f0d103a89
fix: correctly init capabilities_ssb_no var in all cases
2018-07-26 10:18:14 +02:00
Stéphane Lesimple
b262c40541
fix: remove spurious character after an else statement
2018-07-25 21:55:50 +02:00
Stéphane Lesimple
cc2910fbbc
fix: read_cpuid: don't use iflag=skip_bytes for compat with old dd versions
...
This closes #215 #199 #193
2018-07-23 09:12:30 +02:00
manish jaggi
30c4a1f6d2
arm64: cavium: Add CPU Implementer Cavium ( #216 )
...
This patch adds 0x43 check for cavium implementor id in function
parse_cpu_details. Also adds that Cavium Soc is not vulnerable to variant 3/3a
Signed-off-by: Manish Jaggi <manish.jagg@cavium.com>
2018-07-22 19:06:19 +02:00
Stéphane Lesimple
cf06636a3f
fix: prometheus output: use printf for proper \n interpretation ( #204 )
2018-06-21 23:35:51 +02:00
Stéphane Lesimple
60077c8d12
fix(arm): rewrite vuln logic from latest arm statement for Cortex A8 to A76
2018-06-21 23:24:18 +02:00
Rob Gill
c181978d7c
fix(arm): Updated arm cortex status ( #209 )
...
* Cortex A8 Vulnerable
Arm Cortex A8 is vulnerable to variants 1 & 2 (https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability )
Part number is 0xc08 (https://developer.arm.com/docs/ddi0344/b/system-control-coprocessor/system-control-coprocessorregisters/c0-main-id-register )
False negative reported by @V10lator in #206
* ARM Cortex A12 Vulnerable to 1&2
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
* A76 vulnerable to variant 4
All arch 8 cortex A57-A76 are vulnerable to variant 4.
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
* Whitelist variant4 nonvuln Arms
* ARM Cortex Whitelist & Cumulative Blacklist
Applies all information about vulnerabilities of ARM Cortex processors (from https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability ).
Whitelist & blacklist approach, using both vulnerable and non vulnerable status for each identified CPU, with vulnerabilities tracked cumulatively for multi CPU systems.
2018-06-16 12:14:39 +02:00