mirror of
https://github.com/speed47/spectre-meltdown-checker
synced 2024-12-22 20:33:56 +01:00
Compare commits
3 Commits
9b7b09ada3
...
0f2edb1a71
Author | SHA1 | Date | |
---|---|---|---|
|
0f2edb1a71 | ||
|
8ac2539a2a | ||
|
97f4d5f2bc |
6
.github/workflows/check.yml
vendored
6
.github/workflows/check.yml
vendored
@ -24,7 +24,7 @@ jobs:
|
|||||||
fi
|
fi
|
||||||
- name: check direct execution
|
- name: check direct execution
|
||||||
run: |
|
run: |
|
||||||
expected=18
|
expected=19
|
||||||
nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l)
|
nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l)
|
||||||
if [ "$nb" -ne "$expected" ]; then
|
if [ "$nb" -ne "$expected" ]; then
|
||||||
echo "Invalid number of CVEs reported: $nb instead of $expected"
|
echo "Invalid number of CVEs reported: $nb instead of $expected"
|
||||||
@ -34,7 +34,7 @@ jobs:
|
|||||||
fi
|
fi
|
||||||
- name: check docker-compose run execution
|
- name: check docker-compose run execution
|
||||||
run: |
|
run: |
|
||||||
expected=18
|
expected=19
|
||||||
docker-compose build
|
docker-compose build
|
||||||
nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
|
nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
|
||||||
if [ "$nb" -ne "$expected" ]; then
|
if [ "$nb" -ne "$expected" ]; then
|
||||||
@ -45,7 +45,7 @@ jobs:
|
|||||||
fi
|
fi
|
||||||
- name: check docker run execution
|
- name: check docker run execution
|
||||||
run: |
|
run: |
|
||||||
expected=18
|
expected=19
|
||||||
docker build -t spectre-meltdown-checker .
|
docker build -t spectre-meltdown-checker .
|
||||||
nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
|
nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
|
||||||
if [ "$nb" -ne "$expected" ]; then
|
if [ "$nb" -ne "$expected" ]; then
|
||||||
|
@ -23,6 +23,7 @@ CVE
|
|||||||
[CVE-2022-40982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982) | Gather Data Sampling | GDS, Downfall
|
[CVE-2022-40982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982) | Gather Data Sampling | GDS, Downfall
|
||||||
[CVE-2023-20569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569) | Return Address Security | Inception, RAS, SRSO
|
[CVE-2023-20569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569) | Return Address Security | Inception, RAS, SRSO
|
||||||
[CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593) | Cross-Process Information Leak | Zenbleed
|
[CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593) | Cross-Process Information Leak | Zenbleed
|
||||||
|
[CVE-2023-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583) | Redundant Prefix issue | Reptar
|
||||||
|
|
||||||
Supported operating systems:
|
Supported operating systems:
|
||||||
- Linux (all versions, flavors and distros)
|
- Linux (all versions, flavors and distros)
|
||||||
@ -199,3 +200,9 @@ docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/m
|
|||||||
- Impact: Kernel & all software
|
- Impact: Kernel & all software
|
||||||
- Mitigation: either kernel mitigation by disabling a CPU optimization through an MSR bit, or CPU microcode mitigation
|
- Mitigation: either kernel mitigation by disabling a CPU optimization through an MSR bit, or CPU microcode mitigation
|
||||||
- Performance impact of the mitigation: TBD
|
- Performance impact of the mitigation: TBD
|
||||||
|
|
||||||
|
**CVE-2023-23583** Redundant Prefix issue (Reptar)
|
||||||
|
|
||||||
|
- Impact: All software
|
||||||
|
- Mitigation: microcode update for the affected CPU
|
||||||
|
- Performance impact of the mitigation: low
|
||||||
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user