Core 169 testing and change status vulnerability

Hi,

since the Core 169 testing update, my Spectre Variant 4 vulnerability (CVE-2018-3639) moved from “Not Affected” to “Vulnerable”…

Anyone see the same change ?

I have noticed the same recently. Although the spectre-meltdown-checker also now shows the same where before it didn’t.

It might be time for us to upgrade :joy:

spectre-meltdown-checker:

2 Likes

Hi,
My Core169 test box shows Mitigated (same as before).

spectre

1 Like

spectre-meltdown-checker was upgraded to version 0.45 in Core Update 168.

3 Likes

Hi,

if I recall correctly, the spectre-meltdown-checker update indeed caused a more accurate reporting of CPU vulnerabilities on my machines. Specifically, one it was actually not vulnerable to has always been reported the other way round before; version 0.45 fixed this.

As for the general sentiment, the output of spectre-meltdown-checker appears to be a bit more accurate than the CGI status (which is solely derived from the kernel’s own findings), so it might be useful to cross-check both if in doubt.

There may well be a correction regarding Spectre v4 in the upstream kernel. I did not checked for that, but that particular one is a tricky beast, and it is possible that more CPU models are affected by it than previously assessed.

Brave new world, I guess. :expressionless:

Thanks, and best regards,
Peter Müller

2 Likes

Yep. I have that status " Vulnerable" already in core 168! :+1: So it’s not new.

1 Like

After upgrading to CU169 stable mitigation is enabled again. I can’t complain :+1:

Same here since CU 169 stable (vulnerable > not affected)

Hi all,

just for the records: You may well see Specte v2 flapping back from “mitigated” to “vulnerable” on your machines.

Sorry to disappoint, and best regards,
Peter Müller

1 Like