Re: CVE-2017-5754 - ETA?
On 2018-01-12 10:00:03 -0500, bw wrote:
> On Fri, 12 Jan 2018, Vincent Lefevre wrote:
> > According to answers on
> >
> > https://security.stackexchange.com/questions/176624/how-do-i-check-if-kpti-is-enabled-on-linux/176654
> >
> > linux-image-4.9.0-5-amd64 4.9.65-3+deb9u2 is still vulnerable as shown
> > below:
> >
> > # dmesg | grep -i isolation
>
> You should get either
>
> [ 0.000000] Kernel/User page tables isolation: enabled
> or
> [ 0.000000] Kernel/User page tables isolation: disabled
I get neither.
> Search with dmesg | less it's about two pages down for me,
If I search for isolation I get:
Pattern not found (press RETURN)
> $ uname -a
> Linux debian 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04)
> x86_64 GNU/Linux
$ uname -a
Linux joooj 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux
There seems to be something really wrong. I'll report a bug.
--
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: