peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-09 10:13:18 +02:00
Code Issues Projects Releases Wiki Activity
690 Commits 5 Branches 48 Tags
a952fe32c40c4335718c72655012c9b86601fe92
Commit Graph

70 Commits

Author SHA1 Message Date
Stéphane Lesimple
a952fe32c4 fix: exit_cleanup: don't lose passed exit code 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
61fa02d577 feat: rework the --batch prometheus output entirely 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
39dea1245e feat: rework the --batch json output entirely 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
3afbda8430 enh: when reading CPUID is unavailable (VM?), fallback to cpuinfo where applicable 
cap_* variable <= cpuinfo flag

cap_ibrs              <= ibrs
cap_ibpb              <= ibpb
cap_stibp             <= stibp
cap_ssbd              <= ssbd / virt_ssbd
cap_l1df              <= flush_l1d
cap_md_clear          <= md_clear
cap_arch_capabilities <= arch_capabilities

Should fix #288
 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
6d69ce9a77 enh: read/write_msr: clearer error messages 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
3ebfba2ac2 fix: CVE-2017-5715 (Spectre V2): Red Hat specific fix for RSB Filling (fixes #235) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
a3f6553e65 fix: read/write msr and lockdown: fix a variable error, properly report lockdown to users 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
42ed8efa65 fix: better compatibility under busybox, silence buggy unzlma versions (fix #432) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
2c766b7cc6 fix: wrmsr: specify core number (closes #294) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
49472f1b64 enh: clearer kernel info section at the top of the script 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
333aa74fea enh: clearer CPU details section 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
8d9504d174 chore: add comment about is_intel/amd/hygon recursion 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
6043f586ef enh: update IntelDB affected CPU list to 2026-04 data, including Hybrid CPU detection 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
155b3808b9 fix: CPUs affected by MSBDS but not MDS (fix #351) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
3c56ac35dd fix: better detect kernel lockdown & no longer require cap_flush_cmd to deem CVE-2018-3615 as mitigated (fix #296) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
b0bb1f4676 feat: implement check for MMIO Stale Data (CVE-2022-21123 CVE-2022-21125 CVE-2022-21166) (#437) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
6332fc3405 fix: CVE-2019-11135 (TAA) detect new 0x10F MSR for TSX-disabled CPUs (#414) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
3c61c7489b fix: CVE-2024-3635[0,7] don't print lines about TSA CPUID bits under non-AMD 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
3d01978cd4 feat: add CVE-2023-20588 (AMD DIV0 bug) (#473) 2026-04-08 22:35:53 +02:00
Stéphane Lesimple
076a1d5723 fix: CVE-2020-0543 (SRBDS): microcode mitigation misdetected (#492) 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
ee618ead07 enh: detect IPBP return predictor bypass in Inception/SRSO ("PB-Inception") (#500) 
AMD Zen 1-3 CPUs don't flush return predictions on IBPB, allowing
cross-process Spectre attacks even with IBPB-on-entry active. The kernel
fix (v6.12+, backported) adds RSB fill after IBPB on affected CPUs.
Detect this gap by checking CPUID IBPB_RET bit and kernel ibpb_no_ret
bug flag, and flag systems relying on IBPB without the RSB fill fix.
 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
1ff1dfbe26 fix: don't default to 0x0 ucode when unknown 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
78e4d25319 fix: bsd: use proper MSR for AMD in ucode version read fallback 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
24ed9ccaf6 enh: MDS FreeBSD: detect software mitigation as OK unless --paranoid (#503) 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
2ed15da028 feat: implement CVE-2023-28746 (RFDS, Register File Data Sampling) 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
0fcdc6e6cc feat: add SLS (Straight-Line Speculation) check with --extra option 2026-04-08 22:35:52 +02:00
Stéphane Lesimple
7a7408d124 fix: add rebleet to --variant 2026-04-04 16:22:05 +00:00
Stéphane Lesimple
cccb3c0081 enh: add known fixed ucode versions for CVE-2023-23583 (Reptar) and CVE-2024-45332 (BPI) 2026-04-04 16:07:12 +00:00
Stéphane Lesimple
a00fab131f feat: implement CVE-2025-40300 (VMScape) and CVE-2024-45332 (BTI) 2026-04-04 16:07:12 +00:00
Stéphane Lesimple
4af11551ba feat: implement CVE-2024-28956 (ITS, Indirect Target Selection) vulnerability and mitigation detection 2026-04-04 16:07:12 +00:00
Stéphane Lesimple
1652977f47 add a generated version of src/libs/003_intel_models.sh 2026-04-04 16:07:12 +00:00
Stéphane Lesimple
a089ae8cef fix: sys_interface_check() must set the caller's $msg var (closes #533) 2026-04-04 16:07:12 +00:00
Stéphane Lesimple
86e0fae48a enh: group results by 4 in the summary line at the end of the run 2026-04-02 22:45:08 +02:00
Stéphane Lesimple
cb3b9a37fa enh: rework VERSION adjust when we're cloned 2026-04-02 22:33:48 +02:00
Stéphane Lesimple
b9f75346d4 enh: auto-generate intel model list 2026-04-02 22:33:48 +02:00
Stéphane Lesimple
4f6dbb36c8 feat: implement Retbleed (CVE-2022-29900 CVE-2022-29901) mitigation detection 2026-04-02 22:33:48 +02:00
Stéphane Lesimple
3ea8e213ec chore: add proper header to all src/vulns/* files 2026-04-02 21:03:29 +02:00
Stéphane Lesimple
5e3033e2f5 enh: CVE-2022-40982 (Downfall) overhaul & Spectre V2 enhancements 
Downfall:

- added `--kernel-config` support for all three Kconfig variants seen over all kernel versions up to now
- added `--kernel-map` support for `gds_select_mitigation` in `System.map`
- fixed the `--sysfs-only` mode
- added verbose information about remediation when `--explain` is used
- implemented `--paranoid mode`, requiring `GDS_MITIGATION_LOCKED` so that mitigation can't be disabled at runtime
- fixed offline mode (was wrongly looking at the system `dmesg`)
- better microcode status reporting (enabled, disabled, unsupported, unknown)
- fixed unknown (EOL) AVX-capable Intel family 6 CPUs now defaulting to affected
- fixed 2 missing known affected CPU models: INTEL_FAM6_SKYLAKE_L and INTEL_FAM6_SKYLAKE
- fixed case when we're running in a VM and the hypervisor doesn't let us read the MSR

Spectre V2:
- fix: affected_cpu: added Centaur family 7 (CentaurHauls) and Zhaoxin family 7 (Shanghai) as immune
- fix: added Centaur family 5 (CentaurHauls) and NSC family 5 (Geode by NSC) to is_cpu_specex_free()
- enh: offline mode: added detection logic by probing System.map and Kconfig
 2026-04-02 21:00:30 +02:00
Stéphane Lesimple
e5c6d2d905 enh: CVE-2017-5715; check for unprivileged eBPF for paranoid mode 2026-04-01 20:37:54 +00:00
Stéphane Lesimple
ac327ce7c5 chore: shellcheck fixes 2026-04-01 20:10:29 +00:00
Stéphane Lesimple
03f63714b5 fix: CVE-2023-20569: logic errors with kernel_sro type change (bool => str) 2026-04-01 19:58:20 +00:00
Stéphane Lesimple
08702b07c9 fix: bad kernel/config var names 2026-04-01 19:53:34 +00:00
Stéphane Lesimple
4718134427 chore: cap_ipred unused for now, make shellcheck happy 2026-04-01 21:37:56 +02:00
Stéphane Lesimple
e23712129d enh: rework is_cpu_affected() to enhance maintainability 2026-04-01 21:36:45 +02:00
Stéphane Lesimple
43c515ac74 enh: CVE-2017-5715 (spectre v2): make vuln assessment cap_bhi-aware 2026-04-01 21:34:12 +02:00
Stéphane Lesimple
8c3fb7b2cc enh: CVE-2024-36357 CVE-2024-36350 (TSA): inventory of sysfs strings + consider vuln if TSA mitigation forced to user/kernel on hypervisors 2026-04-01 21:12:23 +02:00
Stéphane Lesimple
d05601ed3f feat: add CVE-2023-20593 (Zenbleed) mitigation detection for BSD 2026-04-01 21:12:23 +02:00
Stéphane Lesimple
690725ccc1 enh: add BSD stubs for CVE-2022-40982 CVE-2023-20569 CVE-2023-23583, detecting unaffected CPUs 2026-04-01 21:12:23 +02:00
Stéphane Lesimple
4875b4c71c feat: add CVE-2020-0543 (SRBDS) mitigation detection under BSD 2026-04-01 21:12:23 +02:00
Stéphane Lesimple
2b603c68ce feat: add CVE-2019-11135 (TAA) mitigation detection under BSD 2026-04-01 21:12:23 +02:00