Commit Graph

510 Commits

Author SHA1 Message Date
Stéphane Lesimple
5f6471d9a4 feat: set default TMPDIR for Android (#415) 2022-03-27 12:31:05 +02:00
Stéphane Lesimple
2a5b965b98 feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied 2022-03-24 12:37:19 +01:00
Stéphane Lesimple
ee266d43b7 chore: fix indentation 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
b61baa90df feat: bsd: for unimplemented CVEs, at least report when CPU is not affected 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
a98d92f8bc chore: wording: model not vulnerable -> model not affected 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
b7c8c4115a feat: implement detection for MCEPSC under BSD 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
4e7c52767d chore: update Intel Family 6 models 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
8473d9ba6b chore: ensure vars are set before being dereferenced (set -u compat) 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
0af4830224 fix: is_ucode_blacklisted: fix some model names 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
81a4329d71 feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
3679776f3c chore: only attempt to load msr and cpuid module once 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
ba131fcd2f chore: read_cpuid: use named constants 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
ae6bc31c2c feat: hw check: add IPRED, RRSBA, BHI features check 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
6d7a6b3666 feat: add subleaf != 0 support for read_cpuid 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
16f2160be5 chore: fwdb: update to v220+i20220208 2022-03-17 19:39:39 +01:00
Aditya-Tolikar
7cad9301b3 typo
'A' is more 'X' *than 'B'.
Previously: 'A' is more 'X' that 'B'.
2022-03-17 19:26:12 +01:00
Stéphane Lesimple
580549812a fix: retpoline: detection on 5.15.28+ (#420) 2022-03-17 19:25:24 +01:00
Stéphane Lesimple
a485c7882a doc: readme: make the FAQ entry more visible 2021-05-25 13:22:54 +02:00
Stéphane Lesimple
7d13f7a0ef doc: add an FAQ entry about CVE support 2021-05-25 13:17:03 +02:00
Stéphane Lesimple
226b2375ab chore: speculative execution -> transient execution 2021-05-25 12:39:51 +02:00
Stéphane Lesimple
052a3e66d1 doc: more FAQ and README 2021-05-25 12:31:30 +02:00
Stéphane Lesimple
05d862709d fix: has_vmm false positive with pcp
Fix by matching the full procname with pgrep (-x),
so that the 'pmdakvm' process doesn't match.

Closes #394
2021-05-25 12:31:07 +02:00
Stéphane Lesimple
3846913899 fix: refuse to run under MacOS and ESXi 2021-05-24 22:42:23 +02:00
Stéphane Lesimple
a87ace1f98 doc: add an FAQ.md and update the README.md accordingly 2021-05-24 22:27:46 +02:00
Stéphane Lesimple
0ba71a443e fix: mcedb: v191 changed the MCE table format
Also update the builtin db to v191+i20210217

Closes #400
2021-05-24 12:55:44 +02:00
Stéphane Lesimple
3a486e9985 arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig 2021-04-02 15:38:31 +02:00
Stéphane Lesimple
23564cda5d fix: variant4: added case where prctl ssbd status is tagged as 'unknown' 2021-04-02 15:38:31 +02:00
Stéphane Lesimple
0ea21d09bd fix: extract_kernel: don't overwrite kernel_err if already set
Fixes #395
2021-04-02 15:33:02 +02:00
Stéphane Lesimple
08e30e156d chore: readme: framapic is gone, host the screenshots on GitHub 2021-02-22 21:22:11 +01:00
Zhiyuan Dai
6d35e780f4 arm64: phytium: Add CPU Implementer Phytium
This patch adds 0x70 check for phytium implementer id in function
parse_cpu_details. Also adds that Phytium Soc is not vulnerable to variant 3/3a
2021-01-13 19:14:09 +01:00
Stéphane Lesimple
4ec3154be0 chore: replace 'Vulnerable to' by 'Affected by' in the hw section
This seems to be less confusing, suggested by #356
2020-11-10 18:56:25 +01:00
Stéphane Lesimple
843f26630d feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) 2020-11-10 18:36:42 +01:00
Stéphane Lesimple
7fc2ec65b9 bump to v0.44 2020-11-09 18:41:43 +01:00
Stéphane Lesimple
c8cdfd54da chore: fwdb: update to v165.20201021+i20200616 2020-11-08 21:25:18 +01:00
Stéphane Lesimple
f0c33c7a32 fix: fwdb: use the commit date as the intel fwdb version
fixes #379
2020-11-08 21:25:18 +01:00
Stéphane Lesimple
9e874397da chore: fwdb: update to v163.20200930+i20200904 2020-10-05 20:06:49 +02:00
Stéphane Lesimple
76cb73f3cb fix: fwdb: update Intel's repository URL 2020-10-05 20:06:49 +02:00
Stéphane Lesimple
90f23d286e chore: update fwdb to v160.20200912+i20200722 2020-09-14 21:45:09 +02:00
Stéphane Lesimple
e41e311a7f feat: add zstd kernel decompression (#370) 2020-09-14 21:42:55 +02:00
Stéphane Lesimple
1f75f01630 fwdb: update MCEdb to v148 & Intel firmwares to 2020-04-27 2020-06-13 18:11:12 +02:00
Stéphane Lesimple
14a53b19da chore: add CVE to the README 2020-06-10 00:07:14 +02:00
Stéphane Lesimple
d8f0ddd7a5 chore: fix indentation 2020-06-10 00:07:14 +02:00
Agata Gruza
62d3448a54 Added support for SRBDS related vulnerabilities 2020-06-10 00:07:14 +02:00
Stéphane Lesimple
cb6d139629 chore: tests: now expect 15 CVEs instead of 14 (fix) 2020-06-09 22:56:25 +02:00
Stéphane Lesimple
7e2db09ed9 chore: tests: now expect 15 CVEs instead of 14 2020-06-09 22:51:50 +02:00
Stéphane Lesimple
33cf1cde79 enh: arm: add experimental support for binary arm images 2020-06-06 17:29:32 +02:00
Stéphane Lesimple
4a3006e196 fix: arm64: cve-2017-5753: kernels 4.19+ use a different nospec macro 2020-06-06 17:29:32 +02:00
Stéphane Lesimple
36f98eff95 fwdb: update MCEdb to v147 & Intel firmwares to 2020-04-27 2020-05-31 13:03:58 +02:00
xaitax
fa7b8f9567 Typo 2020-05-08 16:17:09 +02:00
Stéphane Lesimple
3beefc2587 enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode 2020-03-10 22:29:54 +01:00