From a8466b74fe9c786990e3e5c72609ace2ffad6eb0 Mon Sep 17 00:00:00 2001
From: Gabriel Francisco <frc.gabriel@gmail.com>
Date: Mon, 27 Oct 2025 00:30:14 +0100
Subject: [PATCH] fix CVE-2017-5715 reporting when IBRS_FW is enabled

---
 spectre-meltdown-checker.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 89434c4..1ce6604 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -4209,7 +4209,7 @@ check_CVE_2017_5715_linux()
 					[ -z "$ibpb_enabled"   ] && ibpb_enabled=1
 				fi
 				# when IBRS_FW is enabled on 4.15+, we can see it in sysfs
-				if echo "$fullmsg" | grep -q ', IBRS_FW'; then
+				if echo "$fullmsg" | grep -q '[,;] IBRS_FW'; then
 					_debug "ibrs: found IBRS_FW in sysfs"
 					[ -z "$ibrs_supported" ] && ibrs_supported='found IBRS_FW in sysfs'
 					ibrs_fw_enabled=1
@@ -4246,7 +4246,7 @@ check_CVE_2017_5715_linux()
 				:
 			else
 				ibrs_can_tell=1
-				ibrs_supported=$("${opt_arch_prefix}strings" "$kernel" | grep -Fw -e ', IBRS_FW' | head -n1)
+				ibrs_supported=$("${opt_arch_prefix}strings" "$kernel" | grep -Fw -e '[,;] IBRS_FW' | head -n1)
 				if [ -n "$ibrs_supported" ]; then
 					_debug "ibrs: found ibrs evidence in kernel image ($ibrs_supported)"
 					ibrs_supported="found '$ibrs_supported' in kernel image"