search

speed47 / spectre-meltdown-checker

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
3.84k stars 477 forks source link

Issue with dash on new ubuntu 23.10 #485

Closed kohnw closed 6 months ago

kohnw commented 7 months ago

Hi, using the script on latest Ubuntu 23.10 causes an error. It seems that they use dash instead of bash now. When i enforce bash by changing #! /bin/sh to #! /bin/bash it is fine again:

 welo@welo-Default-string:~$ sudo ./spectre-meltdown-checker.sh
[sudo] password for welo:
Spectre and Meltdown mitigation detection tool v0.46+

Checking for vulnerabilities on current system
Kernel is Linux 6.5.0-14-generic #14-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 14 14:59:49 UTC 2023 x86_64
CPU is Intel(R) Xeon(R) W-11865MLE @ 1.50GHz

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
  * Indirect Branch Restricted Speculation (IBRS)
    * SPEC_CTRL MSR is available:  YES
    * CPU indicates IBRS capability:  YES  (SPEC_CTRL feature bit)
  * Indirect Branch Prediction Barrier (IBPB)
    * CPU indicates IBPB capability:  YES  (SPEC_CTRL feature bit)
  * Single Thread Indirect Branch Predictors (STIBP)
    * SPEC_CTRL MSR is available:  YES
    * CPU indicates STIBP capability:  YES  (Intel STIBP feature bit)
  * Speculative Store Bypass Disable (SSBD)
    * CPU indicates SSBD capability:  YES  (Intel SSBD)
  * L1 data cache invalidation
    * CPU indicates L1D flush capability:  YES  (L1D flush feature bit)
  * Microarchitectural Data Sampling
    * VERW instruction is available:  YES  (MD_CLEAR feature bit)
  * Indirect Branch Predictor Controls
    * Indirect Predictor Disable feature is available:  NO
    * Bottomless RSB Disable feature is available:  NO
    * BHB-Focused Indirect Predictor Disable feature is available:  NO
  * Enhanced IBRS (IBRS_ALL)
    * CPU indicates ARCH_CAPABILITIES MSR availability:  YES
    * ARCH_CAPABILITIES MSR advertises IBRS_ALL capability:  YES
  * CPU explicitly indicates not being affected by Meltdown/L1TF (RDCL_NO):  YES
  * CPU explicitly indicates not being affected by Variant 4 (SSB_NO):  NO
  * CPU/Hypervisor indicates L1D flushing is not necessary on this system:  YES
  * Hypervisor indicates host CPU might be affected by RSB underflow (RSBA):  NO
  * CPU explicitly indicates not being affected by Microarchitectural Data Sampling (MDS_NO):  YES
  * CPU explicitly indicates not being affected by TSX Asynchronous Abort (TAA_NO):  NO
  * CPU explicitly indicates not being affected by iTLB Multihit (PSCHANGE_MSC_NO):  YES
  * CPU explicitly indicates having MSR for TSX control (TSX_CTRL_MSR):  NO
  * CPU explicitly indicates being affected by GDS and having mitigation control (GDS_CTRL):  YES
    * GDS microcode mitigation is disabled (GDS_MITG_DIS):  NO
    * GDS microcode mitigation is locked in enabled state (GDS_MITG_LOCK):  NO
  * CPU explicitly indicates not being affected by GDS (GDS_NO):  NO
  * CPU supports Transactional Synchronization Extensions (TSX):  NO
  * CPU supports Software Guard Extensions (SGX):  NO
  * CPU supports Special Register Buffer Data Sampling (SRBDS):  NO
  * CPU microcode is known to cause stability problems:  NO  (family 0x6 model 0x8d stepping 0x1 ucode 0x4e cpuid 0x806d1 pfid 0x1)
  * CPU microcode is the latest known available version:  UNKNOWN  (latest microcode version for your CPU model is unknown)
* CPU vulnerability to the speculative execution attack variants
  * Affected by CVE-2017-5753 (Spectre Variant 1, bounds check bypass):  YES
  * Affected by CVE-2017-5715 (Spectre Variant 2, branch target injection):  YES
  * Affected by CVE-2017-5754 (Variant 3, Meltdown, rogue data cache load):  NO
  * Affected by CVE-2018-3640 (Variant 3a, rogue system register read):  NO
  * Affected by CVE-2018-3639 (Variant 4, speculative store bypass):  YES
  * Affected by CVE-2018-3615 (Foreshadow (SGX), L1 terminal fault):  NO
  * Affected by CVE-2018-3620 (Foreshadow-NG (OS), L1 terminal fault):  NO
  * Affected by CVE-2018-3646 (Foreshadow-NG (VMM), L1 terminal fault):  NO
  * Affected by CVE-2018-12126 (Fallout, microarchitectural store buffer data sampling (MSBDS)):  NO
  * Affected by CVE-2018-12130 (ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)):  NO
  * Affected by CVE-2018-12127 (RIDL, microarchitectural load port data sampling (MLPDS)):  NO
  * Affected by CVE-2019-11091 (RIDL, microarchitectural data sampling uncacheable memory (MDSUM)): spectre-meltdown-checker.sh: 613: Illegal number: c2
welo@welo-Default-string:~$ uname -a
Linux welo-Default-string 6.5.0-14-generic #14-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 14 14:59:49 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
welo@welo-Default-string:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 23.10
Release:        23.10
Codename:       mantic
welo@welo-Default-string:~$ ls -lh /usr/bin/sh
lrwxrwxrwx 1 root root 4 Jul 11  2023 /usr/bin/sh -> dash
speed47 commented 7 months ago

Thanks for the report, can you try the script in the fix485 branch? This should be better. (direct link: https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/fix485/spectre-meltdown-checker.sh )

skgsergio commented 6 months ago

@speed47 faced what seems to be the same bug:

[...]
  * Affected by CVE-2019-11091 (RIDL, microarchitectural data sampling uncacheable memory (MDSUM)): ./spectre-meltdown-checker.sh: 613: Illegal number: e0

And I can confirm that the branch fix485 fixes it.

kohnw commented 6 months ago

Thanks a lot, i can confirm that fix485 is working good on Ubuntu 23.10.

Regards, Martin

speed47 commented 6 months ago

Thanks for the confirmation!