izvinjavam se što upadam…
TRIOS koristi standardni debian kernel…usput, malo je drugačiji rezultat za AMD procesor:
…jel treba da sam zabrinut, ne razumem se, moji rezultati su malo drugačiji Debian-Stretch?
Code:
root@deb-pc:/home/fish105/Downloads/spectre-meltdown-checker-master# inxi -Cxxx
CPU: Quad core Intel Core2 Quad Q6600 (-MCP-) cache: 4096 KB
flags: (lm nx sse sse2 sse3 ssse3 vmx) bmips: 19243
clock speeds: min/max: 1596/2394 MHz 1: 1596 MHz 2: 1596 MHz
3: 1596 MHz 4: 1596 MHz
root@deb-pc:/home/fish105/Downloads/spectre-meltdown-checker-master# ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.31
Checking for vulnerabilities against running kernel Linux 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64
CPU is Intel(R) Core™2 Quad CPU Q6600 @ 2.40GHz
CVE-2017-5753 [bounds check bypass] aka ‘Spectre Variant 1’
[LIST]
[*]Checking count of LFENCE opcodes in kernel: NO
[/LIST]
[QUOTE]
STATUS: VULNERABLE (only 25 opcodes found, should be >= 70, heuristic to be improved when official patches become available)
[/QUOTE]
CVE-2017-5715 [branch target injection] aka ‘Spectre Variant 2’
[LIST]
[*]Mitigation 1
[*]Hardware (CPU microcode) support for mitigation
[*][CODE]The SPEC_CTRL MSR is available: NO
[*]
Code:
The SPEC_CTRL CPUID feature bit is set: NO
[*]Kernel support for IBRS: NO
[*]IBRS enabled for Kernel space: NO
[*]IBRS enabled for User space: NO
[*]Mitigation 2
[*]Kernel compiled with retpoline option: NO
[*]Kernel compiled with a retpoline-aware compiler: NO
[/LIST]
STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
CVE-2017-5754 [rogue data cache load] aka ‘Meltdown’ aka ‘Variant 3’
- Kernel supports Page Table Isolation (PTI): YES
- PTI enabled and active: YES
- Checking if we’re running under Xen PV (64 bits): NO
STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)
A false sense of security is worse than no security at all, see --disclaimer
root@deb-pc:/home/fish105/Downloads/spectre-meltdown-checker-master#
[/CODE]
… a ovo je izveštaj od TRIOS:
View attachment 4860