ALERT Kernel Vulnerability Checker

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
Here is a handy way to check for kernel issues with Specter and Meltdown...

Code:
git clone https://github.com/speed47/spectre-meltdown-checker.git
 
Last edited:

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,168
Reaction score
5,199
Looks like CentOS/SL still have a problem:

DTLvO2GWkAIDCRs.jpg
 

Jose Pinto

Member
Joined
Oct 26, 2017
Messages
148
Reaction score
20
Hi
Woothosting 1v core 2gb / 20gb hd/ ( too slow).

Spectre and Meltdown mitigation detection tool v0.25

Checking for vulnerabilities against live running kernel Linux 2.6.32-042stab125.5 #1 SMP Tue Oct 17 12:48:22 MSK 2017 x86_64

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel: UNKNOWN (couldn't find your kernel image in /boot, if you used netboot, this is normal)
> STATUS: UNKNOWN (impossible to check )

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Hardware (CPU microcode) support for mitigation: UNKNOWN (couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?)
* Kernel support for IBRS: NO
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* Mitigation 2
* Kernel compiled with retpoline option: UNKNOWN (couldn't read your kernel configuration)
* Kernel compiled with a retpoline-aware compiler: UNKNOWN (couldn't find your kernel image or System.map)
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): UNKNOWN (couldn't read your kernel configuration nor System.map file)
* PTI enabled and active: NO
> STATUS: VULNERABLE (PTI is needed to mitigate the vulnerability)
 
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top