Greetings,
I have updated IpFire to the latest version.
On my machine, I now find myself with this new vulnerability in between
“Processor Vulnerability Mitigations”:
MMIO Stale Data (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166) --------- Unknown: No mitigations
I wanted to know about this vulnerability and if IpFire will be able to mitigate it in the future.
Thank you in advance.
I activated my FireInfo: https://fireinfo.ipfire.org/profile/732fef80c785b15598d2a3c2afb59b5bfa5c7885
You guessed it!!!
My CPU is exactly
Intel(R) Celeron(R) CPU J3160 @ 1.60GHz x4
like the one of the cbrown ID.
I have one more question: while using IpFire, is it ok to ignore this vulnerability actually?
That is a difficult one to comment on. It very much depends on your network situation.
These hardware vulnerabilities typically require local access to your IPFire system and that, as far as I can see, is the case for the MMIO Stale Data vulnerability.
If your IPFire system is feeding a home network and you are the only person able to access the console system then it might be alright, presuming you are unlikely to be hacking yourself.
If your IPFire system is feeding a company network where a whole range of people might be able to access the console system who might have hacking skills then you might want to consider getting replacement hardware without the vulnerable processors that are not being mitigated by Intel.
Declaration - I am just a home user who is not deeply knowledgeable on these hardware vulnerabilities.
I have luckily had to replace my hardware recently and it has an AMD processor and so is not vulnerable to this issue.