[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Intel Microcode updates

On Mon, Jun 10, 2019 at 02:01:25PM +1000, Russell Coker wrote:
I just discovered the spectre-meltdown-checker package (thanks Sylvestre for
packaging this).

model name      : Intel(R) Core(TM)2 Quad CPU    Q9505  @ 2.83GHz

On a system with the above CPU running Debian/Testing I get the following
results from the spectre-meltdown-checker script.  Is this a bug in the intel-
microcode package that the latest version isn't packaged?  There is no newer
version of intel-microcode in Unstable.

# spectre-meltdown-checker |grep CPU.mic
* Hardware support (CPU microcode) for mitigation techniques
 * CPU microcode is known to cause stability problems:  NO  (model 0x17
family 0x6 stepping 0xa ucode 0xa0b cpuid 0x1067a)
 * CPU microcode is the latest known available version:  NO  (latest version
is 0xa0e dated 2015/07/29 according to builtin MCExtractor DB v111 -
IBPB is considered as a good addition to retpoline for Variant 2 mitigation,
but your CPU microcode doesn't support it
* CPU microcode mitigates the vulnerability:  NO
STATUS:  VULNERABLE  (an up-to-date CPU microcode is needed to mitigate this
* CPU microcode mitigates the vulnerability:  N/A

Your CPU is not supported my Intel, so you either accept the risk or buy a new one. (Note that the latest version of the microcode is from 2015--long before any of these speculative execution vulnerabilities were mitigated.) Yours is a yorkfield:

Reply to: