enh: CVE-2017-5715 (spectre v2): make vuln assessment cap_bhi-aware

This commit is contained in:
Stéphane Lesimple
2026-04-01 21:34:12 +02:00
parent 8c3fb7b2cc
commit 43c515ac74


@@ -788,7 +788,11 @@ check_CVE_2017_5715_linux() {
esac
elif [ "$opt_live" != 1 ] && [ -n "$opt_config" ] && [ -r "$opt_config" ]; then
if grep -q '^CONFIG_\(MITIGATION_\)\?SPECTRE_BHI' "$opt_config"; then
if [ "$cap_bhi" = 1 ]; then
v2_bhi_status=bhi_dis_s
else
v2_bhi_status=sw-loop
fi
else
v2_bhi_status=unknown
fi
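Review bot: The new `cap_bhi` test at `if [ "$cap_bhi" = 1 ]` only recognises the value 1 and reports `sw-loop` for anything else, so if `cap_bhi` can hold an "unknown" marker (the script's other `cap_*` variables appear to use -1 for that; not visible in this hunk) the report states a specific mitigation mode it cannot actually know. If that case exists, consider leaving `v2_bhi_status` as `unknown` when `cap_bhi` is neither 0 nor 1 so the later caveats, rather than a guessed mode, carry the uncertainty. This branch is also config-file inference rather than observation, which is worth saying in place, e.g. `# config mode: a CONFIG_SPECTRE_BHI kernel is expected to prefer BHI_DIS_S when the CPU enumerates it, else the software clearing loop (inferred from config, not observed)`. The enclosing elif chain and check_CVE_2017_5715_linux continue outside the hunk.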
@@ -859,9 +863,14 @@ check_CVE_2017_5715_linux() {
if [ "$v2_bhi_status" = "vulnerable" ]; then
_v2_ok=0
_v2_add_caveat "BHI vulnerable"
elif [ "$v2_bhi_status" = "unknown" ] && is_intel && [ "$cap_rrsba" != 0 ]; then
elif [ "$v2_bhi_status" = "unknown" ] && is_intel; then
if [ "$cap_bhi" = 0 ]; then
_v2_ok=0
_v2_add_caveat "BHI vulnerable (no BHI_DIS_S hardware support, no kernel mitigation detected)"
elif [ "$cap_rrsba" != 0 ]; then
_v2_add_caveat "BHI status unknown (kernel may lack BHI mitigation)"
fi
fi
# PBRSB check (only matters for VMM hosts)
if [ "$v2_pbrsb_status" = "vulnerable" ]; then
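Review bot: The `cap_bhi = 0` branch at `_v2_add_caveat "BHI vulnerable (no BHI_DIS_S hardware support, no kernel mitigation detected)"` is reached whenever `v2_bhi_status` is `unknown`, which per the first hunk also covers a config file that simply lacks the `CONFIG_SPECTRE_BHI` symbol (older kernels) and, presumably, an unreadable sysfs entry in live mode; "no kernel mitigation detected" is accurate for the former but reads as a positive finding for the latter, so a short comment stating that `unknown` is being treated as "assume unmitigated" would make the verdict's basis clear to whoever reads the report. The remaining `elif [ "$cap_rrsba" != 0 ]` keeps the previous caveat for the non-zero-`cap_bhi` case, so the only case that is now silent is `cap_bhi` non-zero with `cap_rrsba = 0`, which matches the old behaviour. The enclosing function continues outside the hunk.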
@@ -946,6 +955,9 @@ check_CVE_2017_5715_linux() {
if [ "$v2_bhi_status" = "vulnerable" ]; then
_v2_ok=0
_v2_add_caveat "BHI vulnerable"
elif [ "$v2_bhi_status" = "unknown" ] && is_intel && [ "$cap_bhi" = 0 ]; then
_v2_ok=0
_v2_add_caveat "BHI vulnerable (no BHI_DIS_S hardware support, no kernel mitigation detected)"
fi
# Vulnerable module check
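Review bot: This branch at `elif [ "$v2_bhi_status" = "unknown" ] && is_intel && [ "$cap_bhi" = 0 ]; then` flags only the `cap_bhi = 0` case and adds no caveat at all when `cap_bhi` is non-zero, whereas the earlier hunk (around line 863) still emits a "BHI status unknown" caveat in that situation when `cap_rrsba` is non-zero. If the asymmetry is deliberate because of the mitigation mode this branch handles (the surrounding context is outside the hunk), a one-line comment naming that reason would stop the next reader from "fixing" it; otherwise a matching `elif [ "$cap_rrsba" != 0 ]; then _v2_add_caveat "BHI status unknown (kernel may lack BHI mitigation)"` arm would keep the three sites consistent.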
@@ -999,9 +1011,14 @@ check_CVE_2017_5715_linux() {
if [ "$v2_bhi_status" = "vulnerable" ]; then
_v2_ok=0
_v2_add_caveat "BHI vulnerable"
elif [ "$v2_bhi_status" = "unknown" ] && is_intel && [ "$cap_rrsba" = 1 ]; then
elif [ "$v2_bhi_status" = "unknown" ] && is_intel; then
if [ "$cap_bhi" = 0 ] && [ "$cap_rrsba" = 1 ]; then
_v2_ok=0
_v2_add_caveat "BHI vulnerable (no BHI_DIS_S hardware support, RRSBA bypasses retpoline)"
elif [ "$cap_rrsba" = 1 ]; then
_v2_add_caveat "BHI status unknown with RRSBA"
fi
fi
# Vulnerable module
if [ "$v2_vuln_module" = 1 ]; then
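Review bot: The `cap_rrsba = 1` test is evaluated in both arms of the new inner `if`/`elif`, and with `cap_rrsba` not equal to 1 the whole block is a no-op, so the condition belongs on the outer `elif` where it was before; hoisting it leaves a plain two-way split on `cap_bhi` that reads as the intended logic (RRSBA defeats retpoline, and only then does hardware BHI_DIS_S support decide the verdict). The behaviour is unchanged, this is a readability point only; the enclosing function continues outside the hunk.
```shell
elif [ "$v2_bhi_status" = "unknown" ] && is_intel && [ "$cap_rrsba" = 1 ]; then
    # RRSBA bypasses retpoline, so BHI is only covered by hardware BHI_DIS_S
    if [ "$cap_bhi" = 0 ]; then
        _v2_ok=0
        _v2_add_caveat "BHI vulnerable (no BHI_DIS_S hardware support, RRSBA bypasses retpoline)"
    else
        _v2_add_caveat "BHI status unknown with RRSBA"
    fi
fi
# … unchanged: vulnerable module check …
```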