possible false positive result on CVE-2020-0543 for Intel i5-7400

speed47 / spectre-meltdown-checker

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD

3.86k stars 476 forks source link

possible false positive result on CVE-2020-0543 for Intel i5-7400 #392

Closed pme-90-zz closed 3 years ago

pme-90-zz commented 3 years ago

I have an HP pavilion desktop with Intel i5-7400 processor when running spectre checker with --hw-only switch it shows that my cpu is vulnerable to CVE-2020-0543 :

Vulnerable to CVE-2020-0543 (Special Register Buffer Data Sampling (SRBDS)): YES

even though HP has provided a BIOS update to mitigate the CVE back in june 2020.

correct me if im wrong here please.

lk77 commented 3 years ago

I have a similar issue,

CVE-2020-0543 is fixed by 3.20200609.0ubuntu0.20.04.0 and i'm at 3.20210216.0ubuntu0.20.04.1 so my microcode is up to date.

cpu model :

Intel(R) Xeon(R) CPU E3-1225 V2 @ 3.20GHz