I just discovered the spectre-meltdown-checker package (thanks Sylvestre for
packaging this).
model name : Intel(R) Core(TM)2 Quad CPU Q9505 @ 2.83GHz
On a system with the above CPU running Debian/Testing I get the following
results from the spectre-meltdown-checker script. Is this a bug in the intel-
microcode package that the latest version isn't packaged? There is no newer
version of intel-microcode in Unstable.
# spectre-meltdown-checker |grep CPU.mic
* Hardware support (CPU microcode) for mitigation techniques
* CPU microcode is known to cause stability problems: NO (model 0x17
family 0x6 stepping 0xa ucode 0xa0b cpuid 0x1067a)
* CPU microcode is the latest known available version: NO (latest version
is 0xa0e dated 2015/07/29 according to builtin MCExtractor DB v111 -
2019/05/18)
IBPB is considered as a good addition to retpoline for Variant 2 mitigation,
but your CPU microcode doesn't support it
* CPU microcode mitigates the vulnerability: NO
STATUS: VULNERABLE (an up-to-date CPU microcode is needed to mitigate this
vulnerability)
* CPU microcode mitigates the vulnerability: N/A