Re: CVE-2017-5754 - ETA?

To: Vincent Lefevre <vincent@vinc17.net>
Cc: debian-user@lists.debian.org
Subject: Re: CVE-2017-5754 - ETA?
From: bw <bwtnguy@yahoo.com>
Date: Fri, 12 Jan 2018 10:00:03 -0500 (EST)
Message-id: <[🔎] alpine.DEB.2.20.1801120956370.4931@localhost>
In-reply-to: <[🔎] 20180112132217.GA12433@cventin.lip.ens-lyon.fr>
References: <[🔎] CA+AKB6H3bbKZueJO_jXcuG9WLnR4t-Laukvbe3Q9C8yx_g2Ehw@mail.gmail.com> <[🔎] 20180104204742.bx7yeejh2fesiept@qor.donarmstrong.com> <[🔎] 20180112132217.GA12433@cventin.lip.ens-lyon.fr>


On Fri, 12 Jan 2018, Vincent Lefevre wrote:

> 
> According to answers on
> 
>   https://security.stackexchange.com/questions/176624/how-do-i-check-if-kpti-is-enabled-on-linux/176654
> 
> linux-image-4.9.0-5-amd64 4.9.65-3+deb9u2 is still vulnerable as shown
> below:
> 
> # dmesg | grep -i isolation

You should get either

[    0.000000] Kernel/User page tables isolation: enabled
or
[    0.000000] Kernel/User page tables isolation: disabled

Search with dmesg | less it's about two pages down for me,

$ uname -a
Linux debian 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) 
x86_64 GNU/Linux

Reply to:

Follow-Ups:
- Re: CVE-2017-5754 - ETA?
  - From: Jack Dangler <tdldev@gmail.com>
- Re: CVE-2017-5754 - ETA?
  - From: Vincent Lefevre <vincent@vinc17.net>

References:
- CVE-2017-5754 - ETA?
  - From: francis picabia <fpicabia@gmail.com>
- Re: CVE-2017-5754 - ETA?
  - From: Don Armstrong <don@debian.org>
- Re: CVE-2017-5754 - ETA?
  - From: Vincent Lefevre <vincent@vinc17.net>

Prev by Date: black screen after hibernation
Next by Date: Re: Frustration over Debian naming
Previous by thread: Re: CVE-2017-5754 - ETA?
Next by thread: Re: CVE-2017-5754 - ETA?
Index(es):
- Date
- Thread