fix: CVE-2017-5715 (Spectre V2): Red Hat specific fix for RSB Filling (fixes #235)

2026-04-07 09:13:20 +02:00 · 2026-04-06 17:40:59 +02:00
parent c143bdb073
commit d040c0ffc3
1 changed files with 9 additions and 1 deletions
--- a/src/vulns/CVE-2017-5715.sh
+++ b/src/vulns/CVE-2017-5715.sh
@@ -633,7 +633,15 @@ check_CVE_2017_5715_linux() {
                fi
            fi
            if [ "$rsb_filling" = 0 ]; then
-                if [ -n "$g_kernel_err" ]; then
+                # Red Hat kernels (RHEL 6/7/8) stuff RSB on context switch as part of
+                # their retpoline implementation when retp_enabled=1, but don't use the
+                # upstream X86_FEATURE_RSB_CTXSW flag or "Filling RSB on context switch"
+                # string. Detect this via the RHEL-specific debugfs knob.
+                # See https://bugzilla.redhat.com/show_bug.cgi?id=1616245#c8
+                if [ "$retp_enabled" = 1 ]; then
+                    rsb_filling=1
+                    pstatus green YES "Red Hat kernel with retpoline enabled includes RSB filling"
+                elif [ -n "$g_kernel_err" ]; then
                    pstatus yellow UNKNOWN "couldn't check ($g_kernel_err)"
                else
                    if grep -qw -e 'Filling RSB on context switch' "$g_kernel"; then