spectre-meltdown-checker
spectre-meltdown-checker copied to clipboard
speed47
Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
info: https://travisdowns.github.io/blog/2021/06/17/rip-zero-opt.html So far it looks like it's only patchable with updated microcode. The vulnerability affects at least as far back as sandybridge, however microcode has only been released for...
https://www.phoronix.com/scan.php?page=news_item&px=Linux-MIPS-Vulnerabilities There is now support for reporting various spectre vulnerabilities on MIPS hardware. However, the state of most vulnerabilities on most hardware is "unknown" by default as most MIPS vendors...
I have two identical Dell r720 servers running bios 2.7.0. one server is running rhel 7.9 and passes all the checker tests. the second is a vm running rhel 7.9...
after [applying the ARM-recommended Spectre v4 mitigation on my Raspberry Pi 4](https://github.com/raspberrypi/firmware/issues/1451#issuecomment-671852625), I confirmed that the `spectre_v4` demo from [Google SafeSide](https://github.com/google/safeside) no longer succeeds, so the vulnerability is mitigated. spectre-meltdown-checker...
CVE-2018-3646 covers the virtualization related aspects of the L1TF vulnerability. According to [https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html](https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html), L1D flushing is "only potent" when combined with guest CPU isolation (i.e. isolated cores that don't run...
When running in Xen with SMT disabled (smt=0 Xen boot option), multiple points are still reported as vulnerable with "Your microcode and kernel are both up to date for this...
this vulnerability is mitigated in today's kernel releases (5.2.7, 4.19.65, and 4.14.137, but not 4.9.188 and 4.4.188). mitigation is indicated by `Mitigation: usercopy/swapgs barriers and __user pointer sanitization` in `/sys/devices/system/cpu/vulnerabilities/spectre_v1`....
I haven't found a reference to this vulnerability in the issue tracker, so here it goes: https://platypusattack.com/ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8694 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8695
Hi, See https://www.phoronix.com/scan.php?page=news_item&px=BlindSide for demo. On the bright side(?), it seems to require a real, existing kernel memory overflow bug to work. It just manages to exploit it without bringing...
Hi, Is the date for 2005/06/10 correct for this microcode? Is it because I'm using a KVM CPU? The system is running Centos 7.7.1908 and have microcode 53.7.el7_7 installed. *...
