You are not logged in.

#1 2021-03-08 17:37:21

xerxes_
Member
Registered: 2018-04-29
Posts: 776

Spectre exploits in the wild and Arch Linux security

Please read this short article and share your thoughts about it:
https://dustri.org/b/spectre-exploits-in-the-wild.html

Should /proc/kallsym be not readable by other users and groups then root? What else could be done?

Last edited by xerxes_ (2021-03-08 17:37:52)

Offline

#2 2021-03-08 17:45:10

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 23,187

Re: Spectre exploits in the wild and Arch Linux security

Spectre should already be mitigated by current microcode updates and kernels.

Online

#3 2021-03-08 17:54:04

xerxes_
Member
Registered: 2018-04-29
Posts: 776

Re: Spectre exploits in the wild and Arch Linux security

But what if someone has older system for which microcode don't apply to cpu? The only thing what he can count is newer kernel with hopefully working mitgations.

What is disturbing is that exploits are probably supporting Arch Linux.

And what for /proc/kallsym is used? If I make it readable only for root, may something in system break?

Last edited by xerxes_ (2021-03-08 17:54:47)

Offline

#4 2021-03-08 17:56:17

Scimmia
Fellow
Registered: 2012-09-01
Posts: 12,081

Re: Spectre exploits in the wild and Arch Linux security

xerxes_ wrote:

But what if someone has older system for which microcode don't apply to cpu?

Such as?

Offline

#5 2021-03-08 17:58:25

xerxes_
Member
Registered: 2018-04-29
Posts: 776

Re: Spectre exploits in the wild and Arch Linux security

Like system with Core 2 Duo like CPU. It looks like my CPU is not supported with microcode for long time now:

journalctl -b -g microcode
-- Journal begins at Wed 2020-12-23 20:36:54 CET, ends at Mon 2021-03-08 18:47:34 CET. --
mar 08 17:59:34 home kernel: microcode: microcode updated early to revision 0xa4, date = 2010-10-02
mar 08 17:59:34 home kernel: MDS: Vulnerable: Clear CPU buffers attempted, no microcode
mar 08 17:59:34 home kernel: microcode: sig=0x6fd, pf=0x1, revision=0xa4
mar 08 17:59:34 home kernel: microcode: Microcode Update Driver: v2.2.

Last edited by xerxes_ (2021-03-08 18:02:53)

Offline

#6 2021-03-08 18:08:27

mcloaked
Member
From: Yorkshire, UK
Registered: 2012-02-02
Posts: 1,276

Re: Spectre exploits in the wild and Arch Linux security

You can use the script at https://github.com/speed47/spectre-meltdown-checker to check if your system is vulnerable or not. I have not seen a system listed as vulnerable for quite some time since even if microcode updates aren't available for older systems usually the arch kernel is up to date with mitigations anyway.


Mike C

Offline

#7 2021-03-08 18:10:44

Scimmia
Fellow
Registered: 2012-09-01
Posts: 12,081

Re: Spectre exploits in the wild and Arch Linux security

Oh, you mean systems that don't have mitigations for this, not ones that don't apply microcode updates.

Offline

Board footer

Powered by FluxBB