The article is from January 2018; only 2 flaws were known at the time.
By March there were already 3, if I remember correctly.
In May two more turned up.
vulnerabilities/*
If your kernel does not have that sysfs directory or files, then obviously there is a problem and you need to upgrade your kernel!
are introduced at the kernel level to flag this kind of problem.
For example
access.redhat.com/security/cve/cve-2018-3639 (the latest one) is from May, and it was introduced as information around that time, more or less.
github.com/torvalds/...442396d6adf9c1e17aa2d/drivers/base/cpu.c
Look at the last lines.
#ifdef CONFIG_GENERIC_CPU_VULNERABILITIES
ssize_t __weak cpu_show_meltdown(struct device *dev,
				 struct device_attribute *attr, char *buf)
{
	return sprintf(buf, "Not affected\n");
}

ssize_t __weak cpu_show_spectre_v1(struct device *dev,
				   struct device_attribute *attr, char *buf)
{
	return sprintf(buf, "Not affected\n");
}

ssize_t __weak cpu_show_spectre_v2(struct device *dev,
				   struct device_attribute *attr, char *buf)
{
	return sprintf(buf, "Not affected\n");
}
[...]
This is the code introduced at the source level for the various types of CPU vulnerabilities (not only for Spectre/Meltdown).
github.com/torvalds/...lnerabilities&unscoped_q=vulnerabilities
Also, at the start of all this, talking about it on the Gentoo/Sabayon IRC channels, around March the known vulnerabilities were 3 or 4. Then "Donald Duck" joined in May wearing bib number 5.
And I repeat: the command only reports that the CPU is vulnerable to that type of attack, as long as no others are discovered; in that case the kernel is updated, introducing the new vulnerability (the warning) with a patch, and the fix (kernel side).
Then it is up to you, the user, to plug as many holes as possible with the updates that fix them.
Here is the output from a Skylake CPU running SystemRescueCd-5.2.2
grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline, IBPB, IBRS_FW
./spectre-meltdown-checker
Spectre and Meltdown mitigation detection tool v0.39
Checking for vulnerabilities on current system
Kernel is Linux 4.14.32-std522-amd64 #2 SMP Sat Mar 31 20:05:28 UTC 2018 x86_64
CPU is Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: YES
* CPU indicates IBRS capability: YES (SPEC_CTRL feature bit)
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: YES
* CPU indicates IBPB capability: YES (SPEC_CTRL feature bit)
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: YES
* CPU indicates STIBP capability: YES (Intel STIBP feature bit)
* Speculative Store Bypass Disable (SSBD)
* CPU indicates SSBD capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU explicitly indicates not being vulnerable to Variant 4 (SSB_NO): NO
* Hypervisor indicates host CPU might be vulnerable to RSB underflow (RSBA): NO
* CPU microcode is known to cause stability problems: NO (model 0x5e family 0x6 stepping 0x3 ucode 0xc2 cpuid 0x506e3)
* CPU vulnerability to the speculative execution attack variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: YES
* Vulnerable to Variant 3a: YES
* Vulnerable to Variant 4: YES
CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface: YES (Mitigation: __user pointer sanitization)
* Kernel has array_index_mask_nospec: UNKNOWN (couldn't check (couldn't find your kernel image in /boot, if you used netboot, this is normal))
* Kernel has the Red Hat/Ubuntu patch: UNKNOWN (couldn't check (couldn't find your kernel image in /boot, if you used netboot, this is normal))
* Kernel has mask_nospec64 (arm64): UNKNOWN (couldn't check (couldn't find your kernel image in /boot, if you used netboot, this is normal))
* Checking count of LFENCE instructions following a jump in kernel... UNKNOWN (couldn't check (couldn't find your kernel image in /boot, if you used netboot, this is normal))
> STATUS: NOT VULNERABLE (Mitigation: __user pointer sanitization)
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: NO (Vulnerable: Minimal generic ASM retpoline, IBPB, IBRS_FW)
* Mitigation 1
* Kernel is compiled with IBRS support: YES
* IBRS enabled and active: YES (for kernel and firmware code)
* Kernel is compiled with IBPB support: YES
* IBPB enabled and active: YES
* Mitigation 2
* Kernel has branch predictor hardening (arm): NO
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: NO (kernel reports minimal retpoline compilation)
* Kernel supports RSB filling: UNKNOWN (kernel image missing)
> STATUS: NOT VULNERABLE (IBRS + IBPB are mitigating the vulnerability)
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface: YES (Mitigation: PTI)
* Kernel supports Page Table Isolation (PTI): YES
* PTI enabled and active: YES
* Reduced performance impact of PTI: YES (CPU supports INVPCID, performance impact of PTI will be greatly reduced)
* Running as a Xen PV DomU: NO
> STATUS: NOT VULNERABLE (Mitigation: PTI)
CVE-2018-3640 [rogue system register read] aka 'Variant 3a'
* CPU microcode mitigates the vulnerability: NO
> STATUS: VULNERABLE (an up-to-date CPU microcode is needed to mitigate this vulnerability)
CVE-2018-3639 [speculative store bypass] aka 'Variant 4'
* Kernel supports speculation store bypass: NO
> STATUS: VULNERABLE (Neither your CPU nor your kernel support SSBD)
As you can see, it shows only 3 holes because not all the patches that include the other 2 have been applied (kernel 4.14.32 is from April).
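
The point made above, that the sysfs files list only the issues the running kernel knows about, can be checked mechanically. The script below is an added example, not part of the original post: it classifies each entry and flags expected entries the kernel does not report at all. The function name classify_vulns and the VULN_DIR/EXPECTED variables are hypothetical; spec_store_bypass is the sysfs name later kernels use for Variant 4.

```shell
#!/bin/sh
# Added example: classify the kernel's CPU vulnerability report.
# VULN_DIR and EXPECTED can be overridden so the function can be run
# against a constructed directory; all names here are hypothetical.

VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"
# Entries a patched kernel is expected to expose. spec_store_bypass is the
# sysfs name later kernels use for Variant 4 (CVE-2018-3639).
EXPECTED="${EXPECTED:-meltdown spectre_v1 spectre_v2 spec_store_bypass}"

# Prints one "name<TAB>state<TAB>detail" line per expected entry.
# Returns 2 if the directory is missing (kernel predates the interface),
# 1 if any entry is vulnerable, unknown or not reported, 0 otherwise.
classify_vulns() {
    dir="${1:-$VULN_DIR}"
    rc=0
    if [ ! -d "$dir" ]; then
        printf 'ERROR\tno-sysfs\t%s\n' "$dir"
        return 2
    fi
    for name in $EXPECTED; do
        f="$dir/$name"
        if [ ! -r "$f" ]; then
            # The kernel does not know this issue: a missing file is not "safe".
            printf '%s\tNOT-REPORTED\tkernel does not know this issue\n' "$name"
            rc=1
            continue
        fi
        IFS= read -r line < "$f" || true
        case "$line" in
            "Not affected"*) state=OK ;;
            "Mitigation:"*)  state=MITIGATED ;;
            "Vulnerable"*)   state=VULNERABLE; rc=1 ;;
            *)               state=UNKNOWN; rc=1 ;;
        esac
        printf '%s\t%s\t%s\n' "$name" "$state" "$line"
    done
    return $rc
}

# Query the live system only when invoked as: sh script.sh run
if [ "${1:-}" = "run" ]; then
    classify_vulns
fi
```

The result reflects only what the kernel states in sysfs; on the 4.14.32 system shown above it would list spec_store_bypass as NOT-REPORTED.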