You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2024-08-22 21:35:06
- veist
- Member
- Registered: 2024-07-17
- Posts: 17
SRBDS: Vulnerable: No Microcode
Hello, I have installed Arch before on a different computer and I am now trying on a laptop. I followed my old notes and everything went well up until:
# grep -r . /sys/devices/system/cpu/vulnerabilities
...
/sys/devices/system/cpu/vulnerabilities/srbds:Vulnerable: No microcode
...I ran # pacman -Syu intel-ucode and it installed, which leads me to believe I may have forgotten to install it during the installation process. I have tried both # mkinitcpio -P and # mkinitcpio -p linux and rebooted but it hasn't helped. The hooks in mkinitcpio.conf are the default and the same as my other computer (autodetect is before microcode).
I've inspected /proc/cpuinfo in vim and it lists my CPU as "Intel(R) Pentium(R) Silver N6000 @ 1.10GHz". It also has microcode listed "0x24000026" for each core.
I am using efibootmgr to boot.
I am not sure where to go from here, thanks for any help.
Offline
#2 2024-08-23 03:10:44
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,726
Re: SRBDS: Vulnerable: No Microcode
Did you see the bottom of the microcode wiki page, where it tells you how to see what's available for your CPU? It's possible Intel just hasn't released a fix for it for your CPU.
Online
#3 2024-08-24 00:12:16
- veist
- Member
- Registered: 2024-07-17
- Posts: 17
Re: SRBDS: Vulnerable: No Microcode
Thank you, I did not. The link is dead, but I found an Intel Microcode page. I determined my CPUID is 06-9c-00, for which there is microcode on their github.
# modprobe cpuid
# iucode_tool -lS /usr/lib/firmware/intel-ucode
... a lot of microcode bundles ...
selected microcodes:
063/001: sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480# grep microcode /proc/cpuinfo
microcode : 0x24000026
microcode : 0x24000026
microcode : 0x24000026
microcode : 0x24000026I'm not sure if I am interpreting this correctly, but the microcode appears to be up to date but is not loading:
# journalctl -k --grep='microcode:'
--no ouputOffline
#4 2024-08-24 03:28:16
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,726
Re: SRBDS: Vulnerable: No Microcode
If it's up to date, there's nothing to load.
Online
#5 2024-08-27 00:05:20
- veist
- Member
- Registered: 2024-07-17
- Posts: 17
Re: SRBDS: Vulnerable: No Microcode
Thanks, I don't know much about microcode. Does this mean the microcode is loaded, but Intel hasn't yet done anything about the SRDBS vulnerability?
Offline
#6 2024-08-27 07:34:18
- V1del
- Forum Moderator
- Registered: 2012-10-16
- Posts: 25,208
Re: SRBDS: Vulnerable: No Microcode
basically... sometimes microcode updates only reach actual board vendors and are not pushed to the microcode packages, is an UEFI update available for your system?
Offline
#7 2024-08-30 00:11:58
- veist
- Member
- Registered: 2024-07-17
- Posts: 17
Re: SRBDS: Vulnerable: No Microcode
There is - I was actually looking into altering the BGRT boot logo and discovered my BIOS/UEFI needed to be updated. There is also an Intel update which may be related. Unfortunately, Lenovo only has .exe's and I have wiped Windows entirely from my laptop, which is also not yet supported by fwupd. I tried updating with just the .exe but it didn't recognize the file on the usb. I temporarily gave up on it but will keep looking into it as it sound like that is likely the issue. Thanks for your help!
Offline
Pages: 1