mirror of https://github.com/speed47/spectre-meltdown-checker synced 2025-01-03 10:05:44 +01:00

Compare commits

No commits in common. "0f2edb1a71733c1074550166c5e53abcfaa4d6ca" and "9b7b09ada3caf56c1e6169a1240909010f5c8e49" have entirely different histories.

3 changed files with 742 additions and 1004 deletions

@ -24,7 +24,7 @@ jobs:
fi fi
- name: check direct execution - name: check direct execution
run: | run: |
expected=19 expected=18
nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l) nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l)
if [ "$nb" -ne "$expected" ]; then if [ "$nb" -ne "$expected" ]; then
echo "Invalid number of CVEs reported: $nb instead of $expected" echo "Invalid number of CVEs reported: $nb instead of $expected"
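Review bot: the direct-execution check at `expected=18` only compares how many `.CVE` entries come back, so a run that loses one CVE and reports a different one in its place still passes. Consider comparing the sorted list of `.CVE` values from `jq` against an expected list of identifiers, which would also make it obvious which entry the move from 19 to 18 removes.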
@ -34,7 +34,7 @@ jobs:
fi fi
- name: check docker-compose run execution - name: check docker-compose run execution
run: | run: |
expected=19 expected=18
docker-compose build docker-compose build
nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l) nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
if [ "$nb" -ne "$expected" ]; then if [ "$nb" -ne "$expected" ]; then
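Review bot: `expected=18` in the docker-compose step repeats the literal already set in the direct-execution step, and the docker run step sets it a third time, so the three values can drift apart on the next change. Define it once, for example as a job-level `env` value, and reference it from each step.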
@ -45,7 +45,7 @@ jobs:
fi fi
- name: check docker run execution - name: check docker run execution
run: | run: |
expected=19 expected=18
docker build -t spectre-meltdown-checker . docker build -t spectre-meltdown-checker .
nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l) nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
if [ "$nb" -ne "$expected" ]; then if [ "$nb" -ne "$expected" ]; then

@ -23,7 +23,6 @@ CVE
[CVE-2022-40982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982) | Gather Data Sampling | GDS, Downfall [CVE-2022-40982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982) | Gather Data Sampling | GDS, Downfall
[CVE-2023-20569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569) | Return Address Security | Inception, RAS, SRSO [CVE-2023-20569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569) | Return Address Security | Inception, RAS, SRSO
[CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593) | Cross-Process Information Leak | Zenbleed [CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593) | Cross-Process Information Leak | Zenbleed
[CVE-2023-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583) | Redundant Prefix issue | Reptar
Supported operating systems: Supported operating systems:
- Linux (all versions, flavors and distros) - Linux (all versions, flavors and distros)
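Review bot: the CVE-2023-23583 (Reptar) row is present on the left of the supported-CVE table and absent on the right, and nothing in the hunk says why a documented check is being dropped. If the removal is intentional, state the reason in the README or the commit message; if it is not, the row should stay.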
@ -200,9 +199,3 @@ docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/m
- Impact: Kernel & all software - Impact: Kernel & all software
- Mitigation: either kernel mitigation by disabling a CPU optimization through an MSR bit, or CPU microcode mitigation - Mitigation: either kernel mitigation by disabling a CPU optimization through an MSR bit, or CPU microcode mitigation
- Performance impact of the mitigation: TBD - Performance impact of the mitigation: TBD
**CVE-2023-23583** Redundant Prefix issue (Reptar)
- Impact: All software
- Mitigation: microcode update for the affected CPU
- Performance impact of the mitigation: low
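Review bot: removing the CVE-2023-23583 section here matches the table row removal and the workflow's `expected=18`, but the third file's diff is suppressed on this page, so it cannot be confirmed that the script itself no longer emits that CVE in `--batch json` output. Check the script side before merging, since a leftover entry would make all three workflow count checks fail.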

File diff suppressed because it is too large