mirror of
https://github.com/speed47/spectre-meltdown-checker
synced 2024-12-22 04:13:38 +01:00
Compare commits
3 Commits
9b7b09ada3
...
0f2edb1a71
Author | SHA1 | Date | |
---|---|---|---|
|
0f2edb1a71 | ||
|
8ac2539a2a | ||
|
97f4d5f2bc |
6
.github/workflows/check.yml
vendored
6
.github/workflows/check.yml
vendored
@ -24,7 +24,7 @@ jobs:
|
||||
fi
|
||||
- name: check direct execution
|
||||
run: |
|
||||
expected=18
|
||||
expected=19
|
||||
nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l)
|
||||
if [ "$nb" -ne "$expected" ]; then
|
||||
echo "Invalid number of CVEs reported: $nb instead of $expected"
|
||||
@ -34,7 +34,7 @@ jobs:
|
||||
fi
|
||||
- name: check docker-compose run execution
|
||||
run: |
|
||||
expected=18
|
||||
expected=19
|
||||
docker-compose build
|
||||
nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
|
||||
if [ "$nb" -ne "$expected" ]; then
|
||||
@ -45,7 +45,7 @@ jobs:
|
||||
fi
|
||||
- name: check docker run execution
|
||||
run: |
|
||||
expected=18
|
||||
expected=19
|
||||
docker build -t spectre-meltdown-checker .
|
||||
nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
|
||||
if [ "$nb" -ne "$expected" ]; then
|
||||
|
@ -23,6 +23,7 @@ CVE
|
||||
[CVE-2022-40982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982) | Gather Data Sampling | GDS, Downfall
|
||||
[CVE-2023-20569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569) | Return Address Security | Inception, RAS, SRSO
|
||||
[CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593) | Cross-Process Information Leak | Zenbleed
|
||||
[CVE-2023-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583) | Redundant Prefix issue | Reptar
|
||||
|
||||
Supported operating systems:
|
||||
- Linux (all versions, flavors and distros)
|
||||
@ -199,3 +200,9 @@ docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/m
|
||||
- Impact: Kernel & all software
|
||||
- Mitigation: either kernel mitigation by disabling a CPU optimization through an MSR bit, or CPU microcode mitigation
|
||||
- Performance impact of the mitigation: TBD
|
||||
|
||||
**CVE-2023-23583** Redundant Prefix issue (Reptar)
|
||||
|
||||
- Impact: All software
|
||||
- Mitigation: microcode update for the affected CPU
|
||||
- Performance impact of the mitigation: low
|
||||
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user