Greetings,
I have updated IpFire to the latest version.
On my machine, I now find myself with this new vulnerability in between
“Processor Vulnerability Mitigations”:
MMIO Stale Data (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166) --------- Unknown: No mitigations
I wanted to know about this vulnerability and if IpFire will be able to mitigate it in the future.
Thank you in advance.
Same here. It seems Intel cannot be bothered with too old CPUs.
Linux Update Acknowledges Your Old Intel CPUs Might Be Vulnerable To MMIO Stale Data
Would be nice to know your CPUs. ( Fireinfo ID is a good hint )
Thank you so much for the immediate replies.
I activated my FireInfo:
https://fireinfo.ipfire.org/profile/732fef80c785b15598d2a3c2afb59b5bfa5c7885
You guessed it!!!
My CPU is exactly
Intel(R) Celeron(R) CPU J3160 @ 1.60GHz x4
like the one of the cbrown ID.
I have one more question: while using IpFire, is it ok to ignore this vulnerability actually?
Thanks in advance for any future answers.
That is a difficult one to comment on. It very much depends on your network situation.
These hardware vulnerabilities typically require local access to your IPFire system and that, as far as I can see, is the case for the MMIO Stale Data vulnerability.
If your IPFire system is feeding a home network and you are the only person able to access the console system then it might be alright, presuming you are unlikely to be hacking yourself.
If your IPFire system is feeding a company network where a whole range of people might be able to access the console system who might have hacking skills then you might want to consider getting replacement hardware without the vulnerable processors that are not being mitigated by Intel.
Declaration - I am just a home user who is not deeply knowledgeable on these hardware vulnerabilities.
I have luckily had to replace my hardware recently and it has an AMD processor and so is not vulnerable to this issue.