Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

Spectre-Meltdown vulnerabilities.

Started by nemomen, May 05, 2021, 08:59:57 AM

Previous topic - Next topic

nemomen

Hello every Sparkers.
Just a little question by a green-horner.
When I run the spectre-meltdown-checker as user I had found vulnerabilities, and when I run it as sudo at the same time I had found no vulnerabilities.
Of course, the commands of update-grub/grub2 had been updated every times.
I do not understand/know right now, is the whole system vulnerable or it isn't?
If the answer 'yes', how can I fix it (forever).
The system is: SparkyLinux 5.15 Nibiru 64bit UEFI Xfce.
Thanks in advance and be healthy
nemomen

paxmark1

have you looked at

https://wiki.debian.org/DebianSecurity/SpectreMeltdown

Section for you is probably
64-bit PC (amd64)       This includes the intel processors.   Seems to be all green for 4.19  for Debians end of it.   They cite about a possible need for hardware fixes from vendor for Spectre2

more info on specific binaries of checker at

https://tracker.debian.org/pkg/spectre-meltdown-checker

If you are in stable (which it appears you are, you will get a fresher binary via backports. 

I am just a hobbyist and not an expert on this.   Others would know more about the Sparky linux kernel, but as for myself, you are probably much safer than in windows and Debian has been very serious about security for decades.    The  safety of Debian with the flexbiliity and bells and whistles of Sparky.     

Search forum for "More info easier via inxi"    If requested -  no inxi, no help for you by  me.

nemomen

Hello paxmark1, hello Sparkers!
thanks for your respond. You are right, I always use stable releases.
Detailed:
On the website for the first code all items are in green, and I have regularly update grub/grub2, so I think, they are correct.
On the website for the second code, I could not find any similar items, like mine.
And I do repeat my statement: only when I run the command as normal user led to the CVE-2018-3640 and CVE-2018-3615 affected results, which are not stated on the websites. Running the command as root, and I always run it as root, never led the other, than clean result.
I do not understand, what would be the reason of the difference of normal user and root in this case.
Care safe!
nemomen


View the most recent posts on the forum