Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Distributions > Zenwalk
User Name
Zenwalk This forum is for the discussion of Zenwalk Linux.


  Search this Thread
Old 03-03-2018, 08:50 AM   #1
Registered: Aug 2017
Location: Wild West
Distribution: Arch,Tumbleweed,BLFS 9.0
Posts: 227

Rep: Reputation: Disabled
Meltdown -Spectre test results

Hi all,
When will this be fixed with Zenwalk?
I like this os

bash-4.4$ su
bash-4.4# ./
Spectre and Meltdown mitigation detection tool v0.35

Checking for vulnerabilities on current system
Kernel is Linux 4.9.67 #2 SMP Tue Dec 5 16:29:07 CST 2017 x86_64
CPU is Intel(R) Core(TM) i5-3340M CPU @ 2.70GHz

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: NO
* CPU indicates IBRS capability: NO
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: NO
* CPU indicates IBPB capability: NO
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: NO
* CPU indicates STIBP capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU microcode is known to cause stability problems: NO (model 58 stepping 9 ucode 0x15)
* CPU vulnerability to the three speculative execution attacks variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: YES

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Kernel has array_index_mask_nospec: NO
* Kernel has the Red Hat/Ubuntu patch: NO
* Checking count of LFENCE instructions following a jump in kernel... NO (only 18 jump-then-lfence instructions found, should be >= 30 (heuristic))
> STATUS: VULNERABLE (Kernel source needs to be patched to mitigate the vulnerability)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: NO
* Currently enabled features
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* IBPB enabled: NO
* Mitigation 2
* Kernel compiled with retpoline option: NO
* Kernel compiled with a retpoline-aware compiler: NO
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): NO
* PTI enabled and active: NO
* Running as a Xen PV DomU: NO
> STATUS: VULNERABLE (PTI is needed to mitigate the vulnerability)

A false sense of security is worse than no security at all, see --disclaimer
Old 03-04-2018, 03:02 AM   #2
Senior Member
Registered: Oct 2005
Location: Horgau, Germany
Distribution: Manjaro KDE, Win 10
Posts: 2,199

Rep: Reputation: 164Reputation: 164
This is a problem with the CPU.
Bios Update or microcode update.
Old 03-06-2018, 03:24 PM   #3
Registered: Aug 2017
Location: Wild West
Distribution: Arch,Tumbleweed,BLFS 9.0
Posts: 227

Original Poster
Rep: Reputation: Disabled


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Spectre & Meltdown gillsman Linux - Newbie 2 01-28-2018 08:12 AM
Vulnerabilities such as Meltdown and Spectre caseyl Linux - Security 7 01-22-2018 09:14 PM
Meltdown and Spectre ots3go Solaris / OpenSolaris 1 01-10-2018 04:15 AM
12 SP1 no patch for Meltdown and Spectre ? czezz SUSE / openSUSE 1 01-05-2018 04:24 AM > Forums > Linux Forums > Linux - Distributions > Zenwalk

All times are GMT -5. The time now is 02:58 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration