Commit Graph

  • 34c6095912 fix: Linux 6.9+ changed some config options names (#490) master Stéphane Lesimple 2024-08-04 14:13:52 +02:00
  • e806e4bc41 chore: docker compose v2 Stéphane Lesimple 2024-08-04 13:45:29 +02:00
  • 388d44edbd Fix Retpoline detection for Linux 6.9+ (issue #490) Ivan Zahariev 2024-07-26 14:12:57 +03:00
  • bd0c7c94b5 fix: typo introduced by #483, fixes #486 Stéphane Lesimple 2024-05-18 12:56:07 +02:00
  • d70e4c2974 fwdb: update to v296+i20240514+988c Stéphane Lesimple 2024-05-18 12:55:43 +02:00
  • 4e29fb5a21 fix: ucode_platformid_mask is hexa (fixes #485) Stéphane Lesimple 2024-01-17 16:55:24 +01:00
  • 0f2edb1a71 feat: blacklist some more microcodes (fixes #475) Stephane Lesimple 2024-01-09 18:50:26 +01:00
  • 8ac2539a2a fix: microcode check now supports pf_mask (fixes #482) Stephane Lesimple 2024-01-09 16:56:16 +01:00
  • 97f4d5f2bc feat(reptar): add detection and mitigation of Reptar Stéphane Lesimple 2023-11-17 12:17:12 +01:00
  • 9b7b09ada3 fix(inception): continued mitigation detection Stéphane Lesimple 2023-08-25 11:42:57 +02:00
  • c94811e63d fix(inception): Zen1/2 results based on kernel mitigations Sébastien Mériot 2023-08-16 15:54:13 +00:00
  • 3e67047c73 feat(inception): README Sébastien Mériot 2023-08-14 16:43:10 +00:00
  • ecee75716e feat(inception): kernel checks + sbpb support detection Sébastien Mériot 2023-08-14 16:37:51 +00:00
  • fb6933dc64 feat(inception): Zen1/2 IBPB and SMT checks Sébastien Mériot 2023-08-14 09:34:48 +00:00
  • dc6921a1ac feat(inception): handle sysfs interface Stéphane Lesimple 2023-08-12 11:32:32 +02:00
  • 3167762cfd feat(inception): start supporting AMD inception Sébastien Mériot 2023-08-11 17:21:01 +00:00
  • 44223c5308 fix: bsd: kernel version detection Stéphane Lesimple 2023-08-11 17:49:36 +02:00
  • dbe208fc48 enh: downfall: detect kernel mitigation without sysfs Stéphane Lesimple 2023-08-11 17:17:06 +02:00
  • aca4e2a9b1 enh: move root warning to the bottom Stéphane Lesimple 2023-08-11 17:10:35 +02:00
  • c1c1ac4dbb feat(downfall): detection of the kernel mitigation relying on dmesg Sébastien Mériot 2023-08-10 09:05:44 +00:00
  • ba0daa6769 feat: downfall: add kernel soft mitigation support check Stéphane Lesimple 2023-08-10 02:00:47 +02:00
  • 227c0aab1e feat(downfall): add downfall checks Sébastien Mériot 2023-08-09 14:50:22 +00:00
  • 8ba3751cf7 fwdb: update to latest Intel ucode versions Stéphane Lesimple 2023-08-09 10:30:00 +02:00
  • d013c0a7d2 doc: add kernel src as additional ucode version source Stéphane Lesimple 2023-08-01 10:21:20 +02:00
  • cbe8ba10ce fix: inteldb: cpuid 0x00090660 and 0x000A0680 Stéphane Lesimple 2023-07-30 13:19:04 +02:00
  • 9c2587bca5 enh: when CPUID can't be read, built it by ourselves Stéphane Lesimple 2023-07-30 11:55:12 +02:00
  • 2a5ddc87bf feat: add Intel known affected processors DB Stéphane Lesimple 2023-07-30 11:53:59 +02:00
  • 2ef6c1c80e enh: factorize file download func Stéphane Lesimple 2023-07-28 19:45:07 +02:00
  • 3c224018f4 chore: update disclaimer and FAQ Stéphane Lesimple 2023-07-28 19:43:40 +02:00
  • b8f8c81d51 release v0.46 v0.46 Stéphane Lesimple 2023-07-26 18:04:47 +02:00
  • f34dd5fa7b enh: assume CPU is immune to Zenbleed regardless of vendor except AMD Stéphane Lesimple 2023-07-26 17:52:33 +02:00
  • c0869d7341 enh: zenbleed: give a manual mitigation in --explain Stéphane Lesimple 2023-07-26 16:30:20 +02:00
  • e99a548dcc fix: fms2cpuid was incorrect for families > 0xF Stéphane Lesimple 2023-07-26 14:17:36 +02:00
  • 3d475dfaec feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly Stéphane Lesimple 2023-07-26 13:55:19 +02:00
  • cba5010c2a chore: fix typo Stéphane Lesimple 2023-07-26 11:59:33 +02:00
  • c5661f098f enh: add --explain text for Zenbleed Stéphane Lesimple 2023-07-26 10:46:34 +02:00
  • 6844c01242 enh: add zenbleed support to the --variant option Stéphane Lesimple 2023-07-26 10:35:07 +02:00
  • 0811f28ac6 fix: arm is not affected by zenbleed ShadowCurse 2023-07-25 18:45:35 +01:00
  • 9bb79a18eb feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614 Stéphane Lesimple 2023-07-25 12:09:05 +02:00
  • 0d93c6ffb4 feat: arm: add Neoverse-N2 and Neoverse-V2 George Cherian 2023-06-09 16:33:29 +05:30
  • 6a61df200e update: fwdb to v266+i20230512 Stéphane Lesimple 2023-05-13 10:18:36 +02:00
  • e4b313fe79 feat: arm: add Neoverse-V1 ShadowCurse 2023-02-25 16:18:56 +00:00
  • a2843575be fix: docker: adding missing utils (fixes #433) Stéphane Lesimple 2022-03-30 13:07:21 +02:00
  • 60c71ccb7a Add support for Guix System kernel. Hilton Chain 2022-11-05 23:22:31 +08:00
  • 48abeb5950 fix: bad exitcode with --update-fwdb due to trap exit Stéphane Lesimple 2023-02-24 20:55:41 +01:00
  • 3c988cc73a fix: rewrite SQL to be sqlite3 >= 3.41 compatible Stéphane Lesimple 2023-02-24 20:36:37 +01:00
  • bea5cfc3b8 Fix typo: /devnull file created in filesystem glitsj16 2022-12-21 00:52:51 +00:00
  • b68ebe67f2 fix: fwdb: ignore MCEdb versions where an official Intel version exists (fixes #430) Stéphane Lesimple 2022-03-29 19:10:31 +02:00
  • a6c943d38f release v0.45 v0.45 Stéphane Lesimple 2022-03-27 12:39:48 +02:00
  • dd162301ff chore: update fwdb to v222+i20220208 Stéphane Lesimple 2022-03-27 12:32:26 +02:00
  • 5f6471d9a4 feat: set default TMPDIR for Android (#415) Stéphane Lesimple 2022-03-22 22:32:40 +01:00
  • 2a5b965b98 feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied Stéphane Lesimple 2022-03-23 11:12:37 +01:00
  • ee266d43b7 chore: fix indentation Stéphane Lesimple 2022-03-21 22:20:57 +01:00
  • b61baa90df feat: bsd: for unimplemented CVEs, at least report when CPU is not affected Stéphane Lesimple 2022-03-20 13:17:04 +01:00
  • a98d92f8bc chore: wording: model not vulnerable -> model not affected Stéphane Lesimple 2022-03-20 13:16:27 +01:00
  • b7c8c4115a feat: implement detection for MCEPSC under BSD Stéphane Lesimple 2022-03-20 13:05:48 +01:00
  • 4e7c52767d chore: update Intel Family 6 models Stéphane Lesimple 2022-03-20 12:09:29 +01:00
  • 8473d9ba6b chore: ensure vars are set before being dereferenced (set -u compat) Stéphane Lesimple 2022-03-20 12:05:33 +01:00
  • 0af4830224 fix: is_ucode_blacklisted: fix some model names Stéphane Lesimple 2022-03-20 11:35:39 +01:00
  • 81a4329d71 feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 Stéphane Lesimple 2022-03-20 11:04:57 +01:00
  • 3679776f3c chore: only attempt to load msr and cpuid module once Stéphane Lesimple 2022-03-20 00:55:49 +01:00
  • ba131fcd2f chore: read_cpuid: use named constants Stéphane Lesimple 2022-03-20 00:08:17 +01:00
  • ae6bc31c2c feat: hw check: add IPRED, RRSBA, BHI features check Stéphane Lesimple 2022-03-19 18:39:44 +01:00
  • 6d7a6b3666 feat: add subleaf != 0 support for read_cpuid Stéphane Lesimple 2022-03-19 18:39:10 +01:00
  • 16f2160be5 chore: fwdb: update to v220+i20220208 Stéphane Lesimple 2022-03-17 19:36:44 +01:00
  • 7cad9301b3 typo Aditya-Tolikar 2022-02-20 18:42:47 +05:30
  • 580549812a fix: retpoline: detection on 5.15.28+ (#420) Stéphane Lesimple 2022-03-17 19:14:32 +01:00
  • a485c7882a doc: readme: make the FAQ entry more visible Stéphane Lesimple 2021-05-25 13:22:08 +02:00
  • 7d13f7a0ef doc: add an FAQ entry about CVE support Stéphane Lesimple 2021-05-25 13:11:47 +02:00
  • 226b2375ab chore: speculative execution -> transient execution Stéphane Lesimple 2021-05-25 12:39:51 +02:00
  • 052a3e66d1 doc: more FAQ and README Stéphane Lesimple 2021-05-25 12:23:06 +02:00
  • 05d862709d fix: has_vmm false positive with pcp Stéphane Lesimple 2021-05-25 08:14:22 +02:00
  • 3846913899 fix: refuse to run under MacOS and ESXi Stéphane Lesimple 2021-05-24 22:39:47 +02:00
  • a87ace1f98 doc: add an FAQ.md and update the README.md accordingly Stéphane Lesimple 2021-05-24 20:15:32 +02:00
  • 0ba71a443e fix: mcedb: v191 changed the MCE table format Stéphane Lesimple 2021-05-24 12:49:25 +02:00
  • 3a486e9985 arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig Stéphane Lesimple 2020-06-06 18:27:29 +02:00
  • 23564cda5d fix: variant4: added case where prctl ssbd status is tagged as 'unknown' Stéphane Lesimple 2020-06-06 17:39:07 +02:00
  • 0ea21d09bd fix: extract_kernel: don't overwrite kernel_err if already set Stéphane Lesimple 2021-03-24 21:45:08 +01:00
  • 08e30e156d chore: readme: framapic is gone, host the screenshots on GitHub Stéphane Lesimple 2021-02-22 21:20:37 +01:00
  • 6d35e780f4 arm64: phytium: Add CPU Implementer Phytium Zhiyuan Dai 2020-12-30 17:16:40 +08:00
  • 4ec3154be0 chore: replace 'Vulnerable to' by 'Affected by' in the hw section Stéphane Lesimple 2020-11-10 18:52:54 +01:00
  • 843f26630d feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) Stéphane Lesimple 2020-11-09 18:54:01 +01:00
  • 7fc2ec65b9 bump to v0.44 v0.44 Stéphane Lesimple 2020-11-09 18:39:46 +01:00
  • c8cdfd54da chore: fwdb: update to v165.20201021+i20200616 Stéphane Lesimple 2020-11-08 21:01:33 +01:00
  • f0c33c7a32 fix: fwdb: use the commit date as the intel fwdb version Stéphane Lesimple 2020-11-08 21:00:32 +01:00
  • 9e874397da chore: fwdb: update to v163.20200930+i20200904 Stéphane Lesimple 2020-10-05 20:01:31 +02:00
  • 76cb73f3cb fix: fwdb: update Intel's repository URL Stéphane Lesimple 2020-10-05 20:01:01 +02:00
  • 90f23d286e chore: update fwdb to v160.20200912+i20200722 Stéphane Lesimple 2020-09-14 21:45:09 +02:00
  • e41e311a7f feat: add zstd kernel decompression (#370) Stéphane Lesimple 2020-09-14 21:29:33 +02:00
  • 1f75f01630 fwdb: update MCEdb to v148 & Intel firmwares to 2020-04-27 Stéphane Lesimple 2020-06-10 00:16:21 +02:00
  • 14a53b19da chore: add CVE to the README Stéphane Lesimple 2020-06-10 00:03:56 +02:00
  • d8f0ddd7a5 chore: fix indentation Stéphane Lesimple 2020-06-09 22:43:36 +02:00
  • 62d3448a54 Added support for SRBDS related vulnerabilities Agata Gruza 2020-04-16 03:59:28 -07:00
  • cb6d139629 chore: tests: now expect 15 CVEs instead of 14 (fix) Stéphane Lesimple 2020-06-09 22:55:25 +02:00
  • 7e2db09ed9 chore: tests: now expect 15 CVEs instead of 14 Stéphane Lesimple 2020-06-09 22:50:48 +02:00
  • 33cf1cde79 enh: arm: add experimental support for binary arm images Stéphane Lesimple 2019-11-24 22:45:38 +01:00
  • 4a3006e196 fix: arm64: cve-2017-5753: kernels 4.19+ use a different nospec macro Stéphane Lesimple 2019-11-23 18:01:36 +01:00
  • 36f98eff95 fwdb: update MCEdb to v147 & Intel firmwares to 2020-04-27 Stéphane Lesimple 2020-05-31 12:55:59 +02:00
  • fa7b8f9567 Typo xaitax 2020-04-03 10:19:25 +02:00
  • 3beefc2587 enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode Stéphane Lesimple 2020-03-10 22:13:55 +01:00