Re: CVE-2017-5715
On 12/03/2022 09:48, Georgi Naplatanov wrote:
spectre-meltdown-checker script reports that my system is vulnerable to
CVE-2017-5715. My CPU is Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Is this normal?
In the past all checks from spectre-meltdown-checker were green (my
system was not vulnerable).
Is your vulnerability shown as follows?
CVE-2017-5715 aka 'Spectre Variant 2, branch target injection'
* Mitigated according to the /sys interface: YES (Mitigation:
Retpolines, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling)
* Mitigation 1
* Kernel is compiled with IBRS support: YES
* IBRS enabled and active: YES (for firmware code only)
* Kernel is compiled with IBPB support: YES
* IBPB enabled and active: YES
* Mitigation 2
* Kernel has branch predictor hardening (arm): NO
* Kernel compiled with retpoline option: YES
* Kernel supports RSB filling: YES
> STATUS: VULNERABLE (IBRS+IBPB or retpoline+IBPB+RSB filling, is
needed to mitigate the vulnerability)
--
With kindest regards, Piotr.
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
⠈⠳⣄⠀⠀⠀⠀
Reply to: