Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds msbd

New to Debian (Or Linux in general)? Ask your questions here!

Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds msbd

Postby Udaba » 2019-07-30 01:30

Is there any way to fix this . with this command : cat /proc/cpuinfo
i got this : bugs: cpu_meltdown spectre_v1 spectre_v2 mds msbds_only

Any ideas what i should do?
Udaba
 
Posts: 18
Joined: 2019-03-18 00:35

Re: Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds

Postby NFT5 » 2019-07-30 03:56

Read this, especially the DSA and CVE links.

Run the Meltdown checker tool if you really need to.

Take appropriate action, if necessary, as detailed in above. In my case the appropriate action was to go and have a cup of tea.
User avatar
NFT5
 
Posts: 338
Joined: 2014-10-10 11:38
Location: Canberra, Australia

Re: Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds

Postby theblueplll » 2019-07-31 00:29

Udaba wrote:Is there any way to fix this . with this command : cat /proc/cpuinfo
i got this : bugs: cpu_meltdown spectre_v1 spectre_v2 mds msbds_only

Any ideas what i should do?


Stop using Intel cpu's is all that you can do if it worries you that much.
theblueplll
 
Posts: 154
Joined: 2019-04-29 01:17

Re: Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds

Postby cuckooflew » 2019-07-31 01:46

With out more specific details on your hardware, verison of Debian, etc. no one can really say, but the link provided by NFT5 is a good place to start checking, it shows what versions have not been mitigated:
https://wiki.debian.org/DebianSecurity/SpectreMeltdown
Other CPU's could have vulnerabilities as well and no one has found them yet, or if they have , they have not told anyone, so in a nut shell just changing CPU does not guarantee better security,... Since Intel is used in so many machines, including most PC's used in financial institutions, a huge amount of effort has been put into mitgating this problem.
If you are not technically skilled enough and securty is essential, your best option is to get someone that is skilled and well informed, to help you make sure. I remember when all the scare about the "Meltdown" and Intel ,etc started, my grand father was working night and day, and went out of town for several weeks, but that is another topic.
If it is of any assurance, my PC and laptop both have Intel inside, and I don't worry about it, but then I had my grandfather to help take care of that.
My grand father knows all about everything:
…one flew east, one flew west,
One flew over the cuckoo’s nest.
cuckooflew
 
Posts: 84
Joined: 2018-05-10 19:34
Location: Some where out west

Re: Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds

Postby Udaba » 2019-07-31 14:12

I have an Intel(R) Celeron(R) CPU N2840 @ 2.16GHz and i run Buster . i have no idea what i should do . the link ntf5 says buster is not vulnurable but it is.
Udaba
 
Posts: 18
Joined: 2019-03-18 00:35

Re: Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds

Postby Head_on_a_Stick » 2019-07-31 15:10

Udaba wrote:it is

Is not:
Code: Select all
grep -R . /sys/devices/system/cpu/vulnerabilities

But it's probably worth noting that Intel's rubbish processors will doubtless be vulnerable to other side-channel attacks thanks to their laughable SMT implementation. The kernel devs are in Intel's pocket and so won't disable hyperthreading by default (unlike the OpenBSD devs) so you should probably do that yourself by adding the nosmt kernel command line parameter.

EDIT: actually your processor doesn't seem to support hyperthreading but I'll leave that note here for others who are not so fortunate.
Don't break DebianHow to report bugs

SharpBang GNU/Linux® — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10695
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Im vulnurable to cpu_meltdown spectre_v1 spectre_v2 mds

Postby theblueplll » 2019-08-01 01:17

Head_on_a_Stick wrote:
Udaba wrote:it is

Is not:
Code: Select all
grep -R . /sys/devices/system/cpu/vulnerabilities

But it's probably worth noting that Intel's rubbish processors will doubtless be vulnerable to other side-channel attacks thanks to their laughable SMT implementation. The kernel devs are in Intel's pocket and so won't disable hyperthreading by default (unlike the OpenBSD devs) so you should probably do that yourself by adding the nosmt kernel command line parameter.

EDIT: actually your processor doesn't seem to support hyperthreading but I'll leave that note here for others who are not so fortunate.


Was I seeing things or did you have a link in your post earlier?

I could swear I was reading more about this subject somewhere that you posted on the forums earlier.
theblueplll
 
Posts: 154
Joined: 2019-04-29 01:17


Return to Beginners Questions

Who is online

Users browsing this forum: No registered users and 5 guests

fashionable