Please read this short article and share your thoughts about it:
https://dustri.org/b/spectre-exploits-in-the-wild.html
Should /proc/kallsym not be readable by users and groups other than root? What else could be done?
Last edited by xerxes_ (2021-03-08 17:37:52)
Offline
Spectre should already be mitigated by current microcode updates and kernels.
Offline
But what if someone has an older system for which microcode doesn't apply to the CPU? The only thing he can count on is a newer kernel with hopefully working mitigations.
What is disturbing is that exploits are probably supporting Arch Linux.
And what is /proc/kallsym used for? If I make it readable only for root, may something in the system break?
Last edited by xerxes_ (2021-03-08 17:54:47)
Offline
But what if someone has an older system for which microcode doesn't apply to the CPU?
Such as?
Offline
Like a system with a Core 2 Duo like CPU. It looks like my CPU has not been supported with microcode for a long time now:
journalctl -b -g microcode
-- Journal begins at Wed 2020-12-23 20:36:54 CET, ends at Mon 2021-03-08 18:47:34 CET. --
mar 08 17:59:34 home kernel: microcode: microcode updated early to revision 0xa4, date = 2010-10-02
mar 08 17:59:34 home kernel: MDS: Vulnerable: Clear CPU buffers attempted, no microcode
mar 08 17:59:34 home kernel: microcode: sig=0x6fd, pf=0x1, revision=0xa4
mar 08 17:59:34 home kernel: microcode: Microcode Update Driver: v2.2.
Last edited by xerxes_ (2021-03-08 18:02:53)
Offline
You can use the script at https://github.com/speed47/spectre-meltdown-checker to check if your system is vulnerable or not. I have not seen a system listed as vulnerable for quite some time, since even if microcode updates aren't available for older systems, usually the Arch kernel is up to date with mitigations anyway.
Mike C
Offline
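Added example, not part of the thread and not code from spectre-meltdown-checker: a small shell check that reads the kernel's own per-issue mitigation report from /sys/devices/system/cpu/vulnerabilities (assumed present, Linux 4.15 and later) and the kernel.kptr_restrict sysctl, which governs whether /proc/kallsyms shows real addresses to unprivileged users. The function names are illustrative.

```bash
#!/bin/sh
# Added example: summarise the kernel's view of CPU vulnerability mitigations.
# Assumption: the kernel exposes one status file per issue in VULN_DIR.
VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# classify_status TEXT -> ok | vulnerable | mitigated | unknown
# "Vulnerable" is tested before "Mitigation" so mixed lines are not under-reported.
classify_status() {
    case "$1" in
        "Not affected"*) echo ok ;;
        *Vulnerable*)    echo vulnerable ;;
        *Mitigation*)    echo mitigated ;;
        *)               echo unknown ;;
    esac
}

# mitigation_report [DIR] -> "state<TAB>issue<TAB>kernel text", one line per file
mitigation_report() {
    dir="${1:-$VULN_DIR}"
    for f in "$dir"/*; do
        # Skip the unexpanded glob and anything we cannot read.
        if [ ! -f "$f" ] || [ ! -r "$f" ]; then continue; fi
        text=$(cat "$f")
        printf '%s\t%s\t%s\n' "$(classify_status "$text")" "${f##*/}" "$text"
    done
}

# vulnerable_issues [DIR] -> names of issues the kernel reports as vulnerable
vulnerable_issues() {
    mitigation_report "$1" | awk -F'\t' '$1 == "vulnerable" { print $2 }'
}

# kptr_restrict_state [FILE] -> 0, 1 or 2, or "unknown" if the sysctl is unreadable
# (1 hides kernel addresses from processes without CAP_SYSLOG, 2 from everyone)
kptr_restrict_state() {
    file="${1:-/proc/sys/kernel/kptr_restrict}"
    if [ -r "$file" ]; then cat "$file"; else echo unknown; fi
}

# Stand-alone run: print the report for this machine, if the interface exists.
if [ -d "$VULN_DIR" ]; then
    mitigation_report
    echo "kernel.kptr_restrict = $(kptr_restrict_state)"
fi
```

On the Core 2 Duo system shown earlier in the thread, the mds entry would carry the same "Vulnerable: Clear CPU buffers attempted, no microcode" text that appears in the journal.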
Oh, you mean systems that don't have mitigations for this, not ones that don't apply microcode updates.
Offline