On 2020-06-29 07:33, Sreyan Chakravarty wrote: > > Hi, > > Well guys, its time to panic once again. > > > I just found out my system is vulnerable to the new Crosstalk vulnerability > by running the popular Meltdown OVH script. > > More about the vulnerability over here: > > https://www.vusec.net/projects/crosstalk/ > > These exploits get worse each time, this one affects all cores. > > > This is how I tested for the vulnerability. > > Downloaded spectre-meltdown-checker.sh via : > > wget https://meltdown.ovh -O spectre-meltdown-checker.sh > > and then just executed with sudo. > > This is the output I got: > > * SRBDS mitigation control is enabled and active: NO > > STATUS: VULNERABLE (Your CPU microcode may need to be updated to mitigate > > the vulnerability) > > CVE-2020-0543:KO
I get CVE-2020-0543 aka 'Special Register Buffer Data Sampling (SRBDS)' * Mitigated according to the /sys interface: YES (Not affected) * SRBDS mitigation control is supported by the kernel: YES (found SRBDS implementation evidence in kernel image. Your kernel is up to date for SRBDS mitigation) * SRBDS mitigation control is enabled and active: NO > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not > vulnerable) This was reported fixed in microcode_ctl-2.1-39.fc32 as shown in the links you've provided. Do you have that package updated? -- The key to getting good answers is to ask good questions. _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
