mirror of
https://github.com/speed47/spectre-meltdown-checker
synced 2025-01-03 01:55:51 +01:00
Compare commits
3 Commits
a485c7882a
...
16f2160be5
Author | SHA1 | Date | |
---|---|---|---|
|
16f2160be5 | ||
|
7cad9301b3 | ||
|
580549812a |
2
FAQ.md
2
FAQ.md
@ -63,7 +63,7 @@ There are a few rules that govern how this tool is written.
|
||||
|
||||
* 1a. Never modify the system it's running on, and if it needs to e.g. load a kernel module it requires, that wasn't loaded before it was launched, it'll take care to unload it on exit
|
||||
* 1b. Never attempt to "fix" or "mitigate" any vulnerability, or modify any configuration. It just reports what it thinks is the status of your system. It leaves all decisions to the sysadmin.
|
||||
* 1c. Never attempt to run any kind of exploit to tell whether a vulnerability is mitigated, because it would violate 1a), could lead to unpredictable system behavior, and might even lead to wrong conclusions, as some PoC must be compiled with specific options and prerequisites, otherwise giving wrong information (especially for Spectre). If you want to run PoCs, do it yourself, but please read carefully about the PoC and the vulnerability. PoCs about a hardware vulnerability are way more complicated and prone to false conclusions that PoCs for software vulnerabilities.
|
||||
* 1c. Never attempt to run any kind of exploit to tell whether a vulnerability is mitigated, because it would violate 1a), could lead to unpredictable system behavior, and might even lead to wrong conclusions, as some PoC must be compiled with specific options and prerequisites, otherwise giving wrong information (especially for Spectre). If you want to run PoCs, do it yourself, but please read carefully about the PoC and the vulnerability. PoCs about a hardware vulnerability are way more complicated and prone to false conclusions than PoCs for software vulnerabilities.
|
||||
|
||||
2) Never look at the kernel version to tell whether it supports mitigation for a given vulnerability. This implies never hardcoding version numbers in the script. This would defeat the purpose: this script should be able to detect mitigations in unknown kernels, with possibly backported or forward-ported patches. Also, don't believe what `sysfs` says, when possible. See the next question about this.
|
||||
|
||||
|
@ -3769,8 +3769,11 @@ check_CVE_2017_5715_linux()
|
||||
#
|
||||
# if there is "retpoline" in the file and NOT "minimal", then it's full retpoline
|
||||
# (works for vanilla and Red Hat variants)
|
||||
#
|
||||
# since 5.15.28, this is now "Retpolines" as the implementation was switched to a generic one,
|
||||
# so we look for both "retpoline" and "retpolines"
|
||||
if [ "$opt_live" = 1 ] && [ -n "$fullmsg" ]; then
|
||||
if echo "$fullmsg" | grep -qwi retpoline; then
|
||||
if echo "$fullmsg" | grep -qwi -e retpoline -e retpolines; then
|
||||
if echo "$fullmsg" | grep -qwi minimal; then
|
||||
retpoline_compiler=0
|
||||
retpoline_compiler_reason="kernel reports minimal retpoline compilation"
|
||||
@ -5602,7 +5605,7 @@ exit 0 # ok
|
||||
# The builtin version follows, but the user can download an up-to-date copy (to be stored in his $HOME) by using --update-fwdb
|
||||
# To update the builtin version itself (by *modifying* this very file), use --update-builtin-fwdb
|
||||
|
||||
# %%% MCEDB v191+i20210217
|
||||
# %%% MCEDB v220+i20220208
|
||||
# I,0x00000611,0x00000B27,19961218
|
||||
# I,0x00000612,0x000000C6,19961210
|
||||
# I,0x00000616,0x000000C6,19961210
|
||||
@ -5734,6 +5737,7 @@ exit 0 # ok
|
||||
# I,0x000106D1,0x0000002A,20150803
|
||||
# I,0x000106E0,0xFFFF0022,20090116
|
||||
# I,0x000106E1,0xFFFF000D,20090206
|
||||
# I,0x000106E2,0xFFFF0011,20090924
|
||||
# I,0x000106E3,0xFFFF0011,20090512
|
||||
# I,0x000106E4,0x00000003,20130701
|
||||
# I,0x000106E5,0x0000000A,20180508
|
||||
@ -5770,7 +5774,7 @@ exit 0 # ok
|
||||
# I,0x000206E4,0xFFFF0008,20090619
|
||||
# I,0x000206E5,0xFFFF0018,20091215
|
||||
# I,0x000206E6,0x0000000D,20180515
|
||||
# I,0x000206F0,0x00000004,20100630
|
||||
# I,0x000206F0,0x00000005,20100729
|
||||
# I,0x000206F1,0x00000008,20101013
|
||||
# I,0x000206F2,0x0000003B,20180516
|
||||
# I,0x00030650,0x00000009,20120118
|
||||
@ -5806,9 +5810,9 @@ exit 0 # ok
|
||||
# I,0x000306E7,0x00000715,20190314
|
||||
# I,0x000306F0,0xFFFF0017,20130730
|
||||
# I,0x000306F1,0x00000014,20140110
|
||||
# I,0x000306F2,0x00000044,20200527
|
||||
# I,0x000306F2,0x00000049,20210811
|
||||
# I,0x000306F3,0x0000000D,20160211
|
||||
# I,0x000306F4,0x00000017,20201125
|
||||
# I,0x000306F4,0x0000001A,20210524
|
||||
# I,0x00040650,0xFFFF000B,20121206
|
||||
# I,0x00040651,0x00000026,20191112
|
||||
# I,0x00040660,0xFFFF0011,20121012
|
||||
@ -5826,40 +5830,40 @@ exit 0 # ok
|
||||
# I,0x000406D8,0x0000012D,20190916
|
||||
# I,0x000406E1,0x00000020,20141111
|
||||
# I,0x000406E2,0x0000002C,20150521
|
||||
# I,0x000406E3,0x000000EA,20210125
|
||||
# I,0x000406E3,0x000000EC,20210428
|
||||
# I,0x000406E8,0x00000026,20160414
|
||||
# I,0x000406F0,0x00000014,20150702
|
||||
# I,0x000406F1,0x0B00003C,20201119
|
||||
# I,0x000406F1,0x0B000040,20210519
|
||||
# I,0x00050650,0x8000002B,20160208
|
||||
# I,0x00050651,0x8000002B,20160208
|
||||
# I,0x00050652,0x80000037,20170502
|
||||
# I,0x00050653,0x01000159,20200618
|
||||
# I,0x00050654,0x02006B06,20210308
|
||||
# I,0x00050653,0x0100015C,20210526
|
||||
# I,0x00050654,0x02006C0A,20210616
|
||||
# I,0x00050655,0x03000012,20190412
|
||||
# I,0x00050656,0x04003006,20201231
|
||||
# I,0x00050657,0x05003102,20210308
|
||||
# I,0x0005065A,0x86000020,20201118
|
||||
# I,0x0005065B,0x07000020,20201120
|
||||
# I,0x00050656,0x0400320A,20210813
|
||||
# I,0x00050657,0x0500320A,20210813
|
||||
# I,0x0005065A,0x86002302,20210416
|
||||
# I,0x0005065B,0x07002402,20210604
|
||||
# I,0x00050661,0xF1000008,20150130
|
||||
# I,0x00050662,0x0000001C,20190617
|
||||
# I,0x00050663,0x07000019,20190617
|
||||
# I,0x00050664,0x0F000017,20190617
|
||||
# I,0x00050665,0x0E00000F,20190617
|
||||
# I,0x00050663,0x0700001C,20210612
|
||||
# I,0x00050664,0x0F00001A,20210612
|
||||
# I,0x00050665,0x0E000014,20210918
|
||||
# I,0x00050670,0xFFFF0030,20151113
|
||||
# I,0x00050671,0x000001B6,20180108
|
||||
# I,0x000506A0,0x00000038,20150112
|
||||
# I,0x000506C2,0x00000014,20180511
|
||||
# I,0x000506C8,0x90011010,20160323
|
||||
# I,0x000506C9,0x00000044,20201023
|
||||
# I,0x000506CA,0x0000001E,20200227
|
||||
# I,0x000506C9,0x00000046,20210510
|
||||
# I,0x000506CA,0x00000022,20210622
|
||||
# I,0x000506D1,0x00000102,20150605
|
||||
# I,0x000506E0,0x00000018,20141119
|
||||
# I,0x000506E1,0x0000002A,20150602
|
||||
# I,0x000506E2,0x0000002E,20150815
|
||||
# I,0x000506E3,0x000000EA,20210125
|
||||
# I,0x000506E3,0x000000EC,20210429
|
||||
# I,0x000506E8,0x00000034,20160710
|
||||
# I,0x000506F0,0x00000010,20160607
|
||||
# I,0x000506F1,0x00000034,20201023
|
||||
# I,0x000506F1,0x00000036,20210510
|
||||
# I,0x00060660,0x0000000C,20160821
|
||||
# I,0x00060661,0x0000000E,20170128
|
||||
# I,0x00060662,0x00000022,20171129
|
||||
@ -5867,49 +5871,62 @@ exit 0 # ok
|
||||
# I,0x000606A0,0x80000031,20200308
|
||||
# I,0x000606A4,0x0B000280,20200817
|
||||
# I,0x000606A5,0x0C0002F0,20210308
|
||||
# I,0x000606A6,0x0D0002A0,20210425
|
||||
# I,0x000606A6,0x0D000332,20211217
|
||||
# I,0x000606E0,0x0000000B,20161104
|
||||
# I,0x000606E1,0x00000108,20190423
|
||||
# I,0x000706A0,0x00000026,20170712
|
||||
# I,0x000706A1,0x00000036,20201023
|
||||
# I,0x000706A8,0x0000001A,20201023
|
||||
# I,0x000706A1,0x00000038,20210510
|
||||
# I,0x000706A8,0x0000001C,20210510
|
||||
# I,0x000706E0,0x0000002C,20180614
|
||||
# I,0x000706E1,0x00000042,20190420
|
||||
# I,0x000706E2,0x00000042,20190420
|
||||
# I,0x000706E3,0x81000008,20181002
|
||||
# I,0x000706E4,0x00000046,20190905
|
||||
# I,0x000706E5,0x000000A6,20201101
|
||||
# I,0x000706E5,0x000000A8,20210526
|
||||
# I,0x00080650,0x00000018,20180108
|
||||
# I,0x00080664,0x0B00000F,20210217
|
||||
# I,0x00080665,0x0B00000F,20210217
|
||||
# I,0x000806A0,0x00000010,20190507
|
||||
# I,0x000806A1,0x0000002A,20201106
|
||||
# I,0x000806A1,0x0000002D,20210902
|
||||
# I,0x000806C0,0x00000068,20200402
|
||||
# I,0x000806C1,0x0000008A,20210409
|
||||
# I,0x000806C2,0x00000016,20210407
|
||||
# I,0x000806C1,0x0000009C,20211026
|
||||
# I,0x000806C2,0x00000022,20210716
|
||||
# I,0x000806D0,0x00000050,20201217
|
||||
# I,0x000806D1,0x0000002C,20210423
|
||||
# I,0x000806E9,0x000000EA,20210105
|
||||
# I,0x000806EA,0x000000EA,20210106
|
||||
# I,0x000806EB,0x000000EA,20210105
|
||||
# I,0x000806EC,0x000000EA,20210105
|
||||
# I,0x00090660,0x80001001,20190918
|
||||
# I,0x000806D1,0x0000003C,20210716
|
||||
# I,0x000806E9,0x000000EC,20210428
|
||||
# I,0x000806EA,0x000000EC,20210428
|
||||
# I,0x000806EB,0x000000EC,20210428
|
||||
# I,0x000806EC,0x000000EC,20210428
|
||||
# I,0x00090660,0x00000009,20200617
|
||||
# I,0x00090661,0x00000015,20210921
|
||||
# I,0x00090670,0x00000019,20201111
|
||||
# I,0x000906C0,0x0000001D,20210323
|
||||
# I,0x000906E9,0x000000EA,20210105
|
||||
# I,0x000906EA,0x000000EA,20210105
|
||||
# I,0x000906EB,0x000000EA,20210105
|
||||
# I,0x000906EC,0x000000EA,20210105
|
||||
# I,0x000906ED,0x000000EA,20210105
|
||||
# I,0x00090671,0x0000001C,20210614
|
||||
# I,0x00090672,0x0000001A,20220103
|
||||
# I,0x00090674,0x00000219,20210425
|
||||
# I,0x00090675,0x0000001A,20220103
|
||||
# I,0x000906A0,0x0000001C,20210614
|
||||
# I,0x000906A1,0x0000011F,20211104
|
||||
# I,0x000906A2,0x00000315,20220102
|
||||
# I,0x000906A3,0x00000418,20220207
|
||||
# I,0x000906A4,0x00000418,20220207
|
||||
# I,0x000906C0,0x2400001F,20210809
|
||||
# I,0x000906E9,0x000000EC,20210429
|
||||
# I,0x000906EA,0x000000EC,20210428
|
||||
# I,0x000906EB,0x000000EC,20210428
|
||||
# I,0x000906EC,0x000000EC,20210428
|
||||
# I,0x000906ED,0x000000EC,20210428
|
||||
# I,0x000A0650,0x000000BE,20191010
|
||||
# I,0x000A0651,0x000000C2,20191113
|
||||
# I,0x000A0652,0x000000EA,20210207
|
||||
# I,0x000A0653,0x000000EA,20210308
|
||||
# I,0x000A0652,0x000000EC,20210428
|
||||
# I,0x000A0653,0x000000EC,20210428
|
||||
# I,0x000A0654,0x000000C6,20200123
|
||||
# I,0x000A0655,0x000000EC,20210308
|
||||
# I,0x000A0660,0x000000E8,20201208
|
||||
# I,0x000A0661,0x000000E0,20200702
|
||||
# I,0x000A0655,0x000000EE,20210428
|
||||
# I,0x000A0660,0x000000EA,20210428
|
||||
# I,0x000A0661,0x000000EC,20210429
|
||||
# I,0x000A0670,0x0000002C,20201124
|
||||
# I,0x000A0671,0x00000040,20210411
|
||||
# I,0x000A0671,0x00000050,20210829
|
||||
# I,0x000A0680,0x80000002,20200121
|
||||
# I,0x000B0670,0x00000009,20211115
|
||||
# A,0x00000F00,0x02000008,20070614
|
||||
# A,0x00000F01,0x0000001C,20021031
|
||||
# A,0x00000F10,0x00000003,20020325
|
||||
@ -5954,7 +5971,7 @@ exit 0 # ok
|
||||
# A,0x00580F00,0x0500000B,20100601
|
||||
# A,0x00580F01,0x0500001A,20100908
|
||||
# A,0x00580F10,0x05000028,20101124
|
||||
# A,0x00580F20,0x05000101,20110406
|
||||
# A,0x00580F20,0x05000103,20110526
|
||||
# A,0x00600F00,0x06000017,20101029
|
||||
# A,0x00600F01,0x0600011F,20110227
|
||||
# A,0x00600F10,0x06000425,20110408
|
||||
@ -5979,7 +5996,7 @@ exit 0 # ok
|
||||
# A,0x00800F00,0x0800002A,20161006
|
||||
# A,0x00800F10,0x0800100C,20170131
|
||||
# A,0x00800F11,0x08001138,20190204
|
||||
# A,0x00800F12,0x0800126C,20200619
|
||||
# A,0x00800F12,0x0800126E,20211111
|
||||
# A,0x00800F82,0x0800820D,20190416
|
||||
# A,0x00810F00,0x08100004,20161120
|
||||
# A,0x00810F10,0x08101016,20190430
|
||||
@ -5989,7 +6006,7 @@ exit 0 # ok
|
||||
# A,0x00820F00,0x08200002,20180214
|
||||
# A,0x00820F01,0x08200103,20190417
|
||||
# A,0x00830F00,0x08300027,20190401
|
||||
# A,0x00830F10,0x0830104D,20200728
|
||||
# A,0x00830F10,0x08301052,20211111
|
||||
# A,0x00850F00,0x08500004,20180212
|
||||
# A,0x00860F00,0x0860000E,20200127
|
||||
# A,0x00860F01,0x08600106,20200619
|
||||
@ -5997,8 +6014,12 @@ exit 0 # ok
|
||||
# A,0x00870F00,0x08700004,20181206
|
||||
# A,0x00870F10,0x08701021,20200125
|
||||
# A,0x00A00F00,0x0A000033,20200413
|
||||
# A,0x00A00F10,0x0A00103F,20210105
|
||||
# A,0x00A00F11,0x0A00111D,20210202
|
||||
# A,0x00A00F10,0x0A001053,20211217
|
||||
# A,0x00A00F11,0x0A00115D,20211119
|
||||
# A,0x00A00F12,0x0A001227,20211215
|
||||
# A,0x00A00F80,0x0A008003,20211015
|
||||
# A,0x00A00F82,0x0A008204,20211015
|
||||
# A,0x00A20F00,0x0A200025,20200121
|
||||
# A,0x00A20F10,0x0A201009,20200821
|
||||
# A,0x00A20F10,0x0A201016,20210408
|
||||
# A,0x00A20F12,0x0A201205,20210719
|
||||
# A,0x00A50F00,0x0A50000C,20201208
|
||||
|
Loading…
Reference in New Issue
Block a user