I have just tried on my not so new pc this interesting script: Specter-Meltdown-Checker , as specified also in instructions, it is not a bible, but surely it is something could give you very useful informations – this script give you the possibility to check your pc vulnerability to Spectre (2 variants) and Meltdown.
Pc features:
Intel I5-3470 (ivy bridge) 3.20 GHz
Kernel: 4.14.13-1-ARCH
8 GB ram
Arch Linux
Nvidia Geforce Gt-630
full Hardware details are here , (i have used lshw command)
i downloaded and extracted .zip file ,
then i applied execute permission to .sh file through chmod +x
Then i have executed the script (Is recommended to execute script being root)
after password insertion, the script can run:
below results:
Spectre Variant 1 (CVE-2017-5753 bounds check bypass)
final result is
Spectre Variant 2 (CVE-2017-5715 branch target injection)
as you can see, script try to check if in my machine are some mitigations
final result is
Meltdown (CVE-2017-5754 rogue data cache load)
In that case result was positive, thanks Kernel 🙂
Just for curiosity i have also executed script without root permission (i know, have no sense but i wanted see differences) below you can see what happens:
Obviously script will warn you, then will start
Spectre (Variant 1)
only differences are B^B^B^checking LFENCE while outcome (UNKNOWN) and especially final result (VULNERABLE) are exactly the same you can see executing script as root
Spectre (Variant 2)
during mitigation 1 check there is a read permission error (predictable considering we don’t have root permission) on /dev/cpu/0/msr , so script can’t check cpu microcode
Rest of other checks (IBRS kernel support,kernel space,user space etc) were identical as reported above , included final result (VULNERABLE)
Meltdown
Identical result as reported above (NOT VULNERABLE)
