493 Commits (master)
 

Author SHA1 Message Date
Agata Gruza 8e870db4f5 Added support for MDS related vulnerabilities (#282) 3 years ago
Stéphane Lesimple d547ce4ab4 fix(ssb): fix error when no process uses prctl to set ssb mitigation 3 years ago
Stéphane Lesimple d187827841 enh(vmm): add Xen daemons detection 3 years ago
Hans-Joachim Kliemeck 2e304ec617 enh(xen): improvements for xen systems (#270) 3 years ago
Stéphane Lesimple fcc04437e8 update builtin MCEdb from v96 to v109 3 years ago
Stéphane Lesimple d31a9810e6 enhance previous commit logic 3 years ago
Stéphane Lesimple 4edb867def fix(vmm): revert to checking the running processes to detect a hypervisor 3 years ago
Stéphane Lesimple 1264b1c7a3 chore: more shellcheck 0.6 fixes 3 years ago
Stéphane Lesimple 7beca1ac50 fix: invalid names in json batch mode (fixes #279) 3 years ago
David 8ad10e15d3 chore: Comply with Shellcheck SC2209 (#280) 3 years ago
Stéphane Lesimple bfa4de96e6 enh(l1tf): in paranoid mode, assume we're running a hypervisor unless stated otherwise 3 years ago
Stéphane Lesimple b022b27a51 feat(ssbd): in live mode, report whether the mitigation is active (fix #210) 3 years ago
Dario Faggioli c4bae6ee6a IBRS kernel reported active even if sysfs has "IBRS_FW" only (#275) (#276) 3 years ago
Stéphane Lesimple 23e7db044e fix(bsd): load vmm if not already loaded, fixes #274 3 years ago
Stéphane Lesimple fc4981bb94 update MCEDB from v84 to v96 3 years ago
Dajiang Zhong 419508758e add spectre and meltdown mitigation technologies checking for Hygon CPU (#271) 3 years ago
Stéphane Lesimple d7d2e6934b fix: typo in bare metal detection (fixes #269) 3 years ago
Jan b0083d918e Remove unneeded volumes in Dockerfile (#266) 3 years ago
Lily Wilson 904a83c675 Fix Arch kernel image detection (#268) 3 years ago
Rob Gill 906f54cf9d Improved hypervisor detection (#259) 3 years ago
Brett T. Warden c45a06f414 Warn on missing kernel info (#265) 3 years ago
Brett T. Warden 4a6fa070a4 Fix misdetection of files under Clear Linux (#264) 3 years ago
Stéphane Lesimple c705afe764 bump to v0.40 3 years ago
Stanislav Kholmanskikh 401ccd4b14 Correct aarch64 KPTI dmesg message 3 years ago
Stanislav Kholmanskikh 55120839dd Fix a typo in check_variant3_linux() 3 years ago
Stéphane Lesimple f5106b3c02 update MCEDB from v83 to v84 (no actual change) 3 years ago
Stéphane Lesimple 68289dae1e feat: add --update-builtin-mcedb to update the DB inside the script 3 years ago
Stéphane Lesimple 3b2d529654 feat(l1tf): read & report ARCH_CAPABILITIES bit 3 (SKIP_VMENTRY_L1DFLUSH) 3 years ago
Stéphane Lesimple cbb18cb6b6 fix(l1tf): properly detect status under Red Hat/CentOS kernels 3 years ago
Stéphane Lesimple 299103a3ae some fixes when script is not started as root 3 years ago
Stéphane Lesimple dc5402b349 chore: speed optimization of hw check and indentation fixes 3 years ago
Stéphane Lesimple 90c2ae5de2 feat: use the MCExtractor DB as the reference for the microcode versions 3 years ago
Michael Lass 53d6a44754 Fix detection of CVE-2018-3615 (L1TF_SGX) (#253) 3 years ago
Stéphane Lesimple 297d890ce9 fix ucode version check regression introduced by fbbb19f under BSD 3 years ago
Stéphane Lesimple 0252e74f94 feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection 3 years ago
Nicolas Sauzede fbbb19f244 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. (#246) 3 years ago
Stéphane Lesimple 1571a56ce2 feat: add L1D flush cpuid feature bit detection 3 years ago
Stéphane Lesimple 3cf9141601 fix: don't display summary if no CVE was tested (e.g. --hw-only) 3 years ago
Stéphane Lesimple bff38f1b26 BSD: add not-implemented-yet notice for Foreshadow-NG 3 years ago
Stéphane Lesimple b419fe7c63 feat(variant4): properly detect SSBD under BSD 3 years ago
alexvong1995 f193484a4a chore: fix deprecated SPDX license identifier (#249) (#251) 3 years ago
Laszlo Toth 349d77b3b6 Fix kernel detection when /lib/kernel exists on a distro (#252) 3 years ago
Stéphane Lesimple e589ed7f02 fix: don't test SGX again in check_CVE_2018_3615, already done by is_cpu_vulnerable 3 years ago
Stéphane Lesimple ae1206288f fix: remove some harcoded /proc paths, use $procfs instead 3 years ago
Stéphane Lesimple b44d2b5470 chore: remove 'experimental' notice of Foreshadow from README 3 years ago
Stéphane Lesimple 7b72c20f89 feat(l1tf): explode L1TF in its 3 distinct CVEs 3 years ago
Luis Ponce b48b2177b7 feat: Add Clear Linux Distro (#244) 3 years ago
Pierre Gaxatte 8f31634df6 feat(batch): Add a batch short option for one line result (#243) 3 years ago
Luis Ponce 96798b1932 chore: add SPDX GPL-3.0 license identifier (#245) 3 years ago
Stéphane Lesimple 687ce1a7fa fix: load cpuid module if absent even when /dev/cpu/0/cpuid is there 3 years ago