Spectre – Meltdown checker (linux)

I have just tried on my not so new pc this interesting script: Specter-Meltdown-Checker , as specified also in instructions, it is not a bible, but surely it is something could give you very useful informations – this script give you the possibility to check your pc vulnerability to  Spectre (2 variants) and Meltdown.

Pc features:
Intel I5-3470 (ivy bridge) 3.20 GHz
Kernel: 4.14.13-1-ARCH
8 GB ram
Arch Linux
Nvidia Geforce Gt-630
full Hardware details are here , (i have used lshw command)

i downloaded  and extracted .zip file ,
then i applied execute permission to .sh file through chmod +x

Then i have executed the script (Is recommended to execute script being root)
after password insertion, the script can run:below results:

Spectre Variant 1 (CVE-2017-5753 bounds check bypass)
final result is
 

Spectre Variant 2 (CVE-2017-5715 branch target injection)
as you can see, script try to check if in my machine are some mitigations 

final result is
 
 

Meltdown (CVE-2017-5754 rogue data cache load)
In that case result was positive, thanks Kernel 🙂

 Just for curiosity i have also executed script without root permission (i know, have no sense but i wanted see differences) below you can see what happens:

Obviously script will warn you, then will start


Spectre (Variant 1)
only differences are B^B^B^checking LFENCE while outcome (UNKNOWN) and especially final result (VULNERABLE) are exactly the same you can see executing script as root

Spectre (Variant 2)
during mitigation 1 check there is a read permission error (predictable considering we don’t have root permission) on /dev/cpu/0/msr , so script can’t check cpu microcode

Rest of other checks (IBRS kernel support,kernel space,user space etc) were identical as reported above , included final result (VULNERABLE)

Meltdown
Identical result as reported above (NOT VULNERABLE)

This entry was posted in Gnu-Linux, Tech news - tutorials. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *