You are not logged in.
- Topics: Active | Unanswered
#1 2022-03-31 09:06:12
- ndhakara
- Member
- Registered: 2015-01-16
- Posts: 25
Linux-lts v5.15.32-1 and Spectre v2 Vulnerablity Warning
After linux 5.17.1 update, I had to use lts kernel because of suspend problem. That's why I have no idea about prev. LTS versions but there is a log about Spectre v2 vulnerablity.
I checked 5.17, there is no log about the vulnerablity.
"Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks!"
Offline
#2 2022-05-13 18:19:07
- feNNec
- Member
- Registered: 2010-09-11
- Posts: 34
Re: Linux-lts v5.15.32-1 and Spectre v2 Vulnerablity Warning
The same for me
Any update?
BRgds
Offline
#3 2022-05-13 20:04:43
- LacrimasProfundere
- Member
- Registered: 2022-04-15
- Posts: 1
Re: Linux-lts v5.15.32-1 and Spectre v2 Vulnerablity Warning
These are for the Spectre V2 "Meltdown" patches as far as i'm aware. A fair number of people on the standard kernel as well as zen kernel manually disable this protection in their kernel parameters as well (mitigations=off), due to it supposedly giving a CPU performance increase.
I have mitigations=off for my laptop, I tried to do some research before adding that option as to whether the Spectre/Meldown was a legitimate threat to be aware of, or something that a home user likely wouldn't need to worry about. From what I could gather, a vulnerability (Spectre/meltdown) has been identified, but has never been used in a real world environment to "hack" anyone. It only exists as a proof of concept, and we have protection (mitigations) against that.
Basically, I don't believe this is a huge security risk or vulnerability to anyone of our systems. Myself and many other people turn this off ourselves. If anyone has more information on this or if I've said something incorrect, please let me know.
Offline