[Bug 1743786] Re: intel-microcode-3.20180108.0~ubuntu17.10.1 fails to address spectre variant 2 on Intel i7-6850k platform

Launchpad Bug Tracker 1743786 at bugs.launchpad.net
Wed Nov 21 04:17:21 UTC 2018 

[Expired for intel-microcode (Ubuntu) because there has been no activity
for 60 days.]

** Changed in: intel-microcode (Ubuntu)
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to intel-microcode in Ubuntu.
https://bugs.launchpad.net/bugs/1743786

Title:
  intel-microcode-3.20180108.0~ubuntu17.10.1 fails to address spectre
  variant 2 on Intel  i7-6850k platform

Status in intel-microcode package in Ubuntu:
  Expired

Bug description:
  Using the test script: spectre-meltdown-checker.sh
  Checking for vulnerabilities against live running kernel Linux 4.13.0-29-lowlatency #32-Ubuntu SMP PREEMPT Fri Jan 12 13:47:11 UTC 2018 x86_64

  CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
  * Checking count of LFENCE opcodes in kernel:  YES 
  > STATUS:  NOT VULNERABLE  (114 opcodes found, which is >= 70, heuristic to be improved when official patches become available)

  CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
  * Mitigation 1
  *   Hardware (CPU microcode) support for mitigation:  NO 
  *   Kernel support for IBRS:  YES 
  *   IBRS enabled for Kernel space:  NO 
  *   IBRS enabled for User space:  NO 
  * Mitigation 2
  *   Kernel compiled with retpoline option:  NO 
  *   Kernel compiled with a retpoline-aware compiler:  NO 
  > STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

  CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
  * Kernel supports Page Table Isolation (PTI):  YES 
  * PTI enabled and active:  YES 
  > STATUS:  NOT VULNERABLE  (PTI mitigates the vulnerability)

  A false sense of security is worse than no security at all, see
  --disclaimer

  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: intel-microcode 3.20180108.0~ubuntu17.10.1
  ProcVersionSignature: Ubuntu 4.13.0-29.32-lowlatency 4.13.13
  Uname: Linux 4.13.0-29-lowlatency x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.20.7-0ubuntu3.7
  Architecture: amd64
  Date: Wed Jan 17 06:00:56 2018
  InstallationDate: Installed on 2017-05-05 (256 days ago)
  InstallationMedia: Ubuntu-MATE 17.04 "Zesty Zapus" - Release amd64 (20170412)
  ProcEnviron:
   TERM=xterm-color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: intel-microcode
  UpgradeStatus: Upgraded to artful on 2017-10-20 (89 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1743786/+subscriptions

More information about the foundations-bugs mailing list