peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-09 10:13:18 +02:00
Code Issues Projects Releases Wiki Activity

fix: remove misleading explain on correctly mitigated SLS

Browse Source
This commit is contained in:
Stéphane Lesimple
2026-04-08 21:41:55 +02:00
parent 3639de9e8a
commit be0f2d20d2
1 changed files with 0 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/vulns-helpers/check_sls.sh
View File

@@ -258,9 +258,6 @@ check_CVE_0000_0001_linux() {
# --- verdict (x86_64) --- # --- verdict (x86_64) ---
if [ "$_sls_config" = 1 ] || [ "$_sls_heuristic" = 1 ]; then if [ "$_sls_config" = 1 ] || [ "$_sls_heuristic" = 1 ]; then
pvulnstatus "$cve" OK "kernel compiled with SLS mitigation" pvulnstatus "$cve" OK "kernel compiled with SLS mitigation"
explain "Your kernel was compiled with CONFIG_MITIGATION_SLS=y (or CONFIG_SLS=y on kernels before 6.8),\n" \
"which enables the GCC flag -mharden-sls=all to insert INT3 instructions after unconditional\n" \
"control flow changes, blocking straight-line speculation."
elif [ "$_sls_config" = 0 ] || [ "$_sls_heuristic" = 0 ]; then elif [ "$_sls_config" = 0 ] || [ "$_sls_heuristic" = 0 ]; then
pvulnstatus "$cve" VULN "kernel not compiled with SLS mitigation" pvulnstatus "$cve" VULN "kernel not compiled with SLS mitigation"
explain "Recompile your kernel with CONFIG_MITIGATION_SLS=y (or CONFIG_SLS=y on kernels before 6.8).\n" \ explain "Recompile your kernel with CONFIG_MITIGATION_SLS=y (or CONFIG_SLS=y on kernels before 6.8).\n" \