![]() ![]() Spectre and Meltdown mitigation detection tool v0.16Ĭhecking vulnerabilities against Linux 4.13.0- 21-generic # 24-Ubuntu SMP Mon Dec 18 17: 29: x86_64ĬVE- 2017- 5753 aka 'Spectre Variant 1' Use the wget command or curl command to grab the source code on your Linux box: Use this script to check or see if you are still vulnerable to Meltdown and Spectre CPU bugs after applying kernel patches. Spectre-meltdown-checker.sh is a simple shell script to find out if your Linux kernel (installation) is vulnerable against the 3 “speculative execution” CVEs. The performance impact of the mitigation is low to medium. You must install updated kernel version with PTI/KPTI patches. CVE-2017-5754: rogue data cache load (Meltdown).The performance impact of the mitigation depending on your CPU. CVE-2017-5715: branch target injection (Spectre Variant 2).The performance impact of the mitigation is negligible. You need to recompile software and kernel with a modified compiler that introduces the LFENCE opcode at the proper positions in the resulting code. CVE-2017-5753: bounds check bypass (Spectre Variant 1).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |