linux-libre 4.16 still vulnerable to CVE-2017-5715 aka Spectre Variant 2

1 respuesta [Último envío]
lilos
Desconectado/a
se unió: 09/04/2015

Hi to all i just installed to test fresh linux-libre kernel on a old core2duo cpu and found linux-libre is still vulnerable to CVE-2017-5715 aka Spectre Variant 2.

Spectre and Meltdown mitigation detection tool v0.36+

Checking for vulnerabilities on current system
Kernel is Linux 4.16.0-gnu #1 SMP Mon Apr 2 00:58:20 UTC 2018 x86_64
CPU is Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: NO
* CPU indicates IBRS capability: NO
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: NO
* CPU indicates IBPB capability: NO
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: NO
* CPU indicates STIBP capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU microcode is known to cause stability problems: NO (model 23 stepping 10 ucode 0xa07)
* CPU vulnerability to the three speculative execution attack variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: YES

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel has array_index_mask_nospec (x86): YES (1 occurence(s) found of 64 bits array_index_mask_nospec())
* Kernel has the Red Hat/Ubuntu patch: NO
* Kernel has mask_nospec64 (arm): NO
> STATUS: NOT VULNERABLE (Mitigation: __user pointer sanitization)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: NO (kernel confirms your system is vulnerable)
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: YES
* Currently enabled features
* IBRS enabled for Kernel space: UNKNOWN
* IBRS enabled for User space: UNKNOWN
* IBPB enabled: UNKNOWN
* Mitigation 2
* Kernel has branch predictor hardening (arm): NO
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: NO (kernel reports minimal retpoline compilation)
> STATUS: VULNERABLE (Vulnerable: Minimal generic ASM retpoline)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel supports Page Table Isolation (PTI): YES (found 'CONFIG_PAGE_TABLE_ISOLATION=y')
* PTI enabled and active: YES
* Running as a Xen PV DomU: NO
> STATUS: NOT VULNERABLE (Mitigation: PTI)

ADFENO
Desconectado/a
se unió: 12/31/2012

> core2duo cpu and found linux-libre is still vulnerable to
> CVE-2017-5715 aka Spectre Variant 2.

To my understanding, every CPU which is known to be affected by Meltdown
and Spectre is always vulnerable. The patches don't cover the
vulnerability window completely, they only delay or shorten the
possibility.

--
- Formas de contato: https://libreplanet.org/wiki/User:Adfeno#vCard

- Ativista do /software/ livre (não confundir com gratuito). Avaliador
da liberdade de /software/ e de /sites/.

- Membro do LibrePlanet Brasil:
https://libreplanet.org/wiki/Group:LibrePlanet_Brasil

- Comunicações sociais federadas padronizadas, onde o "social"
permanece independente do fornecedor.

- #DeleteWhatsApp. Use o pai dele, #XMPP, federado e com padrão
internacional: https://libreplanet.org/wiki/XMPP.pt

- #DeleteFacebook #DeleteInstagram #DeleteTwitter #DeleteYouTube. Use
redes sociais federadas que suportam #ActivityPub, padrão
internacional, como a rede Mastodon: https://joinmastodon.org/

- #DeleteNetflix #CancelNetflix. Evite #DRM:
https://www.defectivebydesign.org/

- Quer enviar arquivos para mim? Veja:
https://libreplanet.org/wiki/User:Adfeno#Arquivos

- Quer doar para mim, ou me contratar? Veja:
https://libreplanet.org/wiki/User:Adfeno#Suporte

- Minhas contribuições:
https://libreplanet.org/wiki/User:Adfeno#Contributions