split script in multiple files, reassembled through build.sh

2026-04-07 09:13:20 +02:00 · 2026-03-30 20:04:16 +02:00
parent 7e660812e9
commit cebda01d05
47 changed files with 7712 additions and 7617 deletions
--- a/src/vulns/CVE-2023-23583.sh
+++ b/src/vulns/CVE-2023-23583.sh
@@ -0,0 +1,32 @@
+# vim: set ts=4 sw=4 sts=4 et:
+#######################
+# Reptar section
+
+# CVE-2023-23583 Reptar (redundant prefix issue) - entry point
+check_CVE_2023_23583() {
+    check_cve 'CVE-2023-23583'
+}
+
+# CVE-2023-23583 Reptar (redundant prefix issue) - Linux mitigation check
+check_CVE_2023_23583_linux() {
+    local status sys_interface_available msg
+    status=UNK
+    sys_interface_available=0
+    msg=''
+
+    # there is no sysfs file for this vuln, and no kernel patch,
+    # the mitigation is only ucode-based and there's no flag exposed,
+    # so most of the work has already been done by is_cpu_affected()
+    if ! is_cpu_affected "$cve"; then
+        pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
+    else
+        pr_info_nol "* Reptar is mitigated by microcode: "
+        if [ "$cpu_ucode" -lt "$g_reptar_fixed_ucode_version" ]; then
+            pstatus yellow NO "You have ucode $(printf "0x%x" "$cpu_ucode") and version $(printf "0x%x" "$g_reptar_fixed_ucode_version") minimum is required"
+            pvulnstatus "$cve" VULN "Your microcode is too old to mitigate the vulnerability"
+        else
+            pstatus green YES "You have ucode $(printf "0x%x" "$cpu_ucode") which is recent enough (>= $(printf "0x%x" "$g_reptar_fixed_ucode_version"))"
+            pvulnstatus "$cve" OK "Your microcode mitigates the vulnerability"
+        fi
+    fi
+}