From be0f2d20d21d50772a0e662d8ff2419d414f5c3d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= <speed47_github@speed47.net>
Date: Wed, 8 Apr 2026 21:41:55 +0200
Subject: [PATCH] fix: remove misleading explain on correctly mitigated SLS

---
 src/vulns-helpers/check_sls.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/vulns-helpers/check_sls.sh b/src/vulns-helpers/check_sls.sh
index 5301637..b640a8e 100644
--- a/src/vulns-helpers/check_sls.sh
+++ b/src/vulns-helpers/check_sls.sh
@@ -258,9 +258,6 @@ check_CVE_0000_0001_linux() {
         # --- verdict (x86_64) ---
         if [ "$_sls_config" = 1 ] || [ "$_sls_heuristic" = 1 ]; then
             pvulnstatus "$cve" OK "kernel compiled with SLS mitigation"
-            explain "Your kernel was compiled with CONFIG_MITIGATION_SLS=y (or CONFIG_SLS=y on kernels before 6.8),\n" \
-                "which enables the GCC flag -mharden-sls=all to insert INT3 instructions after unconditional\n" \
-                "control flow changes, blocking straight-line speculation."
         elif [ "$_sls_config" = 0 ] || [ "$_sls_heuristic" = 0 ]; then
             pvulnstatus "$cve" VULN "kernel not compiled with SLS mitigation"
             explain "Recompile your kernel with CONFIG_MITIGATION_SLS=y (or CONFIG_SLS=y on kernels before 6.8).\n" \