Stéphane Lesimple
|
5f6471d9a4
|
feat: set default TMPDIR for Android (#415)
|
2022-03-27 12:31:05 +02:00 |
|
Stéphane Lesimple
|
2a5b965b98
|
feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied
|
2022-03-24 12:37:19 +01:00 |
|
Stéphane Lesimple
|
ee266d43b7
|
chore: fix indentation
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
b61baa90df
|
feat: bsd: for unimplemented CVEs, at least report when CPU is not affected
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
a98d92f8bc
|
chore: wording: model not vulnerable -> model not affected
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
b7c8c4115a
|
feat: implement detection for MCEPSC under BSD
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
4e7c52767d
|
chore: update Intel Family 6 models
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
8473d9ba6b
|
chore: ensure vars are set before being dereferenced (set -u compat)
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
0af4830224
|
fix: is_ucode_blacklisted: fix some model names
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
81a4329d71
|
feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
3679776f3c
|
chore: only attempt to load msr and cpuid module once
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
ba131fcd2f
|
chore: read_cpuid: use named constants
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
ae6bc31c2c
|
feat: hw check: add IPRED, RRSBA, BHI features check
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
6d7a6b3666
|
feat: add subleaf != 0 support for read_cpuid
|
2022-03-21 22:22:33 +01:00 |
|
Stéphane Lesimple
|
16f2160be5
|
chore: fwdb: update to v220+i20220208
|
2022-03-17 19:39:39 +01:00 |
|
Aditya-Tolikar
|
7cad9301b3
|
typo
'A' is more 'X' *than 'B'.
Previously: 'A' is more 'X' that 'B'.
|
2022-03-17 19:26:12 +01:00 |
|
Stéphane Lesimple
|
580549812a
|
fix: retpoline: detection on 5.15.28+ (#420)
|
2022-03-17 19:25:24 +01:00 |
|
Stéphane Lesimple
|
a485c7882a
|
doc: readme: make the FAQ entry more visible
|
2021-05-25 13:22:54 +02:00 |
|
Stéphane Lesimple
|
7d13f7a0ef
|
doc: add an FAQ entry about CVE support
|
2021-05-25 13:17:03 +02:00 |
|
Stéphane Lesimple
|
226b2375ab
|
chore: speculative execution -> transient execution
|
2021-05-25 12:39:51 +02:00 |
|
Stéphane Lesimple
|
052a3e66d1
|
doc: more FAQ and README
|
2021-05-25 12:31:30 +02:00 |
|
Stéphane Lesimple
|
05d862709d
|
fix: has_vmm false positive with pcp
Fix by matching the full procname with pgrep (-x),
so that the 'pmdakvm' process doesn't match.
Closes #394
|
2021-05-25 12:31:07 +02:00 |
|
Stéphane Lesimple
|
3846913899
|
fix: refuse to run under MacOS and ESXi
|
2021-05-24 22:42:23 +02:00 |
|
Stéphane Lesimple
|
a87ace1f98
|
doc: add an FAQ.md and update the README.md accordingly
|
2021-05-24 22:27:46 +02:00 |
|
Stéphane Lesimple
|
0ba71a443e
|
fix: mcedb: v191 changed the MCE table format
Also update the builtin db to v191+i20210217
Closes #400
|
2021-05-24 12:55:44 +02:00 |
|
Stéphane Lesimple
|
3a486e9985
|
arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig
|
2021-04-02 15:38:31 +02:00 |
|
Stéphane Lesimple
|
23564cda5d
|
fix: variant4: added case where prctl ssbd status is tagged as 'unknown'
|
2021-04-02 15:38:31 +02:00 |
|
Stéphane Lesimple
|
0ea21d09bd
|
fix: extract_kernel: don't overwrite kernel_err if already set
Fixes #395
|
2021-04-02 15:33:02 +02:00 |
|
Stéphane Lesimple
|
08e30e156d
|
chore: readme: framapic is gone, host the screenshots on GitHub
|
2021-02-22 21:22:11 +01:00 |
|
Zhiyuan Dai
|
6d35e780f4
|
arm64: phytium: Add CPU Implementer Phytium
This patch adds 0x70 check for phytium implementer id in function
parse_cpu_details. Also adds that Phytium Soc is not vulnerable to variant 3/3a
|
2021-01-13 19:14:09 +01:00 |
|
Stéphane Lesimple
|
4ec3154be0
|
chore: replace 'Vulnerable to' by 'Affected by' in the hw section
This seems to be less confusing, suggested by #356
|
2020-11-10 18:56:25 +01:00 |
|
Stéphane Lesimple
|
843f26630d
|
feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371)
|
2020-11-10 18:36:42 +01:00 |
|
Stéphane Lesimple
|
7fc2ec65b9
|
bump to v0.44
|
2020-11-09 18:41:43 +01:00 |
|
Stéphane Lesimple
|
c8cdfd54da
|
chore: fwdb: update to v165.20201021+i20200616
|
2020-11-08 21:25:18 +01:00 |
|
Stéphane Lesimple
|
f0c33c7a32
|
fix: fwdb: use the commit date as the intel fwdb version
fixes #379
|
2020-11-08 21:25:18 +01:00 |
|
Stéphane Lesimple
|
9e874397da
|
chore: fwdb: update to v163.20200930+i20200904
|
2020-10-05 20:06:49 +02:00 |
|
Stéphane Lesimple
|
76cb73f3cb
|
fix: fwdb: update Intel's repository URL
|
2020-10-05 20:06:49 +02:00 |
|
Stéphane Lesimple
|
90f23d286e
|
chore: update fwdb to v160.20200912+i20200722
|
2020-09-14 21:45:09 +02:00 |
|
Stéphane Lesimple
|
e41e311a7f
|
feat: add zstd kernel decompression (#370)
|
2020-09-14 21:42:55 +02:00 |
|
Stéphane Lesimple
|
1f75f01630
|
fwdb: update MCEdb to v148 & Intel firmwares to 2020-04-27
|
2020-06-13 18:11:12 +02:00 |
|
Stéphane Lesimple
|
14a53b19da
|
chore: add CVE to the README
|
2020-06-10 00:07:14 +02:00 |
|
Stéphane Lesimple
|
d8f0ddd7a5
|
chore: fix indentation
|
2020-06-10 00:07:14 +02:00 |
|
Agata Gruza
|
62d3448a54
|
Added support for SRBDS related vulnerabilities
|
2020-06-10 00:07:14 +02:00 |
|
Stéphane Lesimple
|
cb6d139629
|
chore: tests: now expect 15 CVEs instead of 14 (fix)
|
2020-06-09 22:56:25 +02:00 |
|
Stéphane Lesimple
|
7e2db09ed9
|
chore: tests: now expect 15 CVEs instead of 14
|
2020-06-09 22:51:50 +02:00 |
|
Stéphane Lesimple
|
33cf1cde79
|
enh: arm: add experimental support for binary arm images
|
2020-06-06 17:29:32 +02:00 |
|
Stéphane Lesimple
|
4a3006e196
|
fix: arm64: cve-2017-5753: kernels 4.19+ use a different nospec macro
|
2020-06-06 17:29:32 +02:00 |
|
Stéphane Lesimple
|
36f98eff95
|
fwdb: update MCEdb to v147 & Intel firmwares to 2020-04-27
|
2020-05-31 13:03:58 +02:00 |
|
xaitax
|
fa7b8f9567
|
Typo
|
2020-05-08 16:17:09 +02:00 |
|
Stéphane Lesimple
|
3beefc2587
|
enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode
|
2020-03-10 22:29:54 +01:00 |
|