dbe208fc48
enh: downfall: detect kernel mitigation without sysfs
2023-08-11 18:10:27 +02:00
aca4e2a9b1
enh: move root warning to the bottom
2023-08-11 18:10:27 +02:00
c1c1ac4dbb
feat(downfall): detection of the kernel mitigation relying on dmesg
2023-08-10 11:14:40 +02:00
ba0daa6769
feat: downfall: add kernel soft mitigation support check
2023-08-10 11:14:40 +02:00
227c0aab1e
feat(downfall): add downfall checks
2023-08-10 11:14:40 +02:00
8ba3751cf7
fwdb: update to latest Intel ucode versions
2023-08-09 10:35:08 +02:00
d013c0a7d2
doc: add kernel src as additional ucode version source
2023-08-01 10:22:15 +02:00
cbe8ba10ce
fix: inteldb: cpuid 0x00090660 and 0x000A0680
2023-07-30 13:21:38 +02:00
9c2587bca5
enh: when CPUID can't be read, built it by ourselves
2023-07-30 12:21:12 +02:00
2a5ddc87bf
feat: add Intel known affected processors DB
2023-07-30 12:21:12 +02:00
2ef6c1c80e
enh: factorize file download func
2023-07-28 20:03:16 +02:00
3c224018f4
chore: update disclaimer and FAQ
2023-07-28 20:03:16 +02:00
b8f8c81d51
release v0.46
2023-07-26 18:07:02 +02:00
f34dd5fa7b
enh: assume CPU is immune to Zenbleed regardless of vendor except AMD
...
This contradicts our usual "if we don't know, consider vulnerable" motto,
but as this vuln is extremely specific (which is not the case for the Spectre
range of vulnerabilities, for example), this is the correct approach here.
2023-07-26 17:54:44 +02:00
c0869d7341
enh: zenbleed: give a manual mitigation in --explain
2023-07-26 16:38:02 +02:00
e99a548dcc
fix: fms2cpuid was incorrect for families > 0xF
2023-07-26 14:33:11 +02:00
3d475dfaec
feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly
2023-07-26 13:57:05 +02:00
cba5010c2a
chore: fix typo
2023-07-26 13:57:05 +02:00
c5661f098f
enh: add --explain text for Zenbleed
2023-07-26 10:56:45 +02:00
6844c01242
enh: add zenbleed support to the --variant option
2023-07-26 10:46:38 +02:00
0811f28ac6
fix: arm is not affected by zenbleed
2023-07-25 19:59:59 +02:00
9bb79a18eb
feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614
2023-07-25 17:54:59 +02:00
0d93c6ffb4
feat: arm: add Neoverse-N2 and Neoverse-V2
...
Signed-off-by: George Cherian <george.cherian@marvell.com >
2023-06-18 12:19:02 +02:00
6a61df200e
update: fwdb to v266+i20230512
2023-05-13 10:27:03 +02:00
e4b313fe79
feat: arm: add Neoverse-V1
2023-04-22 11:17:06 +02:00
a2843575be
fix: docker: adding missing utils ( fixes #433 )
2023-02-24 21:35:55 +01:00
60c71ccb7a
Add support for Guix System kernel.
2023-02-24 20:58:45 +01:00
48abeb5950
fix: bad exitcode with --update-fwdb due to trap exit
2023-02-24 20:57:43 +01:00
3c988cc73a
fix: rewrite SQL to be sqlite3 >= 3.41 compatible
...
closes #443
2023-02-24 20:54:40 +01:00
bea5cfc3b8
Fix typo: /devnull file created in filesystem
2023-02-24 19:42:16 +01:00
b68ebe67f2
fix: fwdb: ignore MCEdb versions where an official Intel version exists ( fixes #430 )
2022-03-30 09:10:55 +02:00
a6c943d38f
release v0.45
2022-03-27 12:41:17 +02:00
dd162301ff
chore: update fwdb to v222+i20220208
2022-03-27 12:38:44 +02:00
5f6471d9a4
feat: set default TMPDIR for Android ( #415 )
2022-03-27 12:31:05 +02:00
2a5b965b98
feat: add --allow-msr-write, no longer write by default ( #385 ), detect when writing is denied
2022-03-24 12:37:19 +01:00
ee266d43b7
chore: fix indentation
2022-03-21 22:22:33 +01:00
b61baa90df
feat: bsd: for unimplemented CVEs, at least report when CPU is not affected
2022-03-21 22:22:33 +01:00
a98d92f8bc
chore: wording: model not vulnerable -> model not affected
2022-03-21 22:22:33 +01:00
b7c8c4115a
feat: implement detection for MCEPSC under BSD
2022-03-21 22:22:33 +01:00
4e7c52767d
chore: update Intel Family 6 models
2022-03-21 22:22:33 +01:00
8473d9ba6b
chore: ensure vars are set before being dereferenced (set -u compat)
2022-03-21 22:22:33 +01:00
0af4830224
fix: is_ucode_blacklisted: fix some model names
2022-03-21 22:22:33 +01:00
81a4329d71
feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208
2022-03-21 22:22:33 +01:00
3679776f3c
chore: only attempt to load msr and cpuid module once
2022-03-21 22:22:33 +01:00
ba131fcd2f
chore: read_cpuid: use named constants
2022-03-21 22:22:33 +01:00
ae6bc31c2c
feat: hw check: add IPRED, RRSBA, BHI features check
2022-03-21 22:22:33 +01:00
6d7a6b3666
feat: add subleaf != 0 support for read_cpuid
2022-03-21 22:22:33 +01:00
16f2160be5
chore: fwdb: update to v220+i20220208
2022-03-17 19:39:39 +01:00
7cad9301b3
typo
...
'A' is more 'X' *than 'B'.
Previously: 'A' is more 'X' that 'B'.
2022-03-17 19:26:12 +01:00
580549812a
fix: retpoline: detection on 5.15.28+ ( #420 )
2022-03-17 19:25:24 +01:00
