mirror of
https://github.com/speed47/spectre-meltdown-checker.git
synced 2026-04-07 09:13:20 +02:00
42 lines
1.7 KiB
Bash
42 lines
1.7 KiB
Bash
# vim: set ts=4 sw=4 sts=4 et:
|
|
#######################
|
|
# Reptar section
|
|
|
|
# CVE-2023-23583 Reptar (redundant prefix issue) - entry point
|
|
check_CVE_2023_23583() {
|
|
check_cve 'CVE-2023-23583'
|
|
}
|
|
|
|
# CVE-2023-23583 Reptar (redundant prefix issue) - Linux mitigation check
|
|
check_CVE_2023_23583_linux() {
|
|
local status sys_interface_available msg
|
|
status=UNK
|
|
sys_interface_available=0
|
|
msg=''
|
|
|
|
# there is no sysfs file for this vuln, and no kernel patch,
|
|
# the mitigation is only ucode-based and there's no flag exposed,
|
|
# so most of the work has already been done by is_cpu_affected()
|
|
if ! is_cpu_affected "$cve"; then
|
|
pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
|
|
else
|
|
pr_info_nol "* Reptar is mitigated by microcode: "
|
|
if [ "$cpu_ucode" -lt "$g_reptar_fixed_ucode_version" ]; then
|
|
pstatus yellow NO "You have ucode $(printf "0x%x" "$cpu_ucode") and version $(printf "0x%x" "$g_reptar_fixed_ucode_version") minimum is required"
|
|
pvulnstatus "$cve" VULN "Your microcode is too old to mitigate the vulnerability"
|
|
else
|
|
pstatus green YES "You have ucode $(printf "0x%x" "$cpu_ucode") which is recent enough (>= $(printf "0x%x" "$g_reptar_fixed_ucode_version"))"
|
|
pvulnstatus "$cve" OK "Your microcode mitigates the vulnerability"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# CVE-2023-23583 Reptar (redundant prefix issue) - BSD mitigation check
|
|
check_CVE_2023_23583_bsd() {
|
|
if ! is_cpu_affected "$cve"; then
|
|
pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
|
|
else
|
|
pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script"
|
|
fi
|
|
}
|