
Check whether your system is still affected by the Spectre and Meltdown vulnerabilities

January 13, 2018

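Overview

I won't go into the details of these two vulnerabilities; look them up on Baidu yourself. Suffice it to say that they have kept cloud providers very busy. At this point, as long as your system has been updated, whether it is Windows, iOS, Android, macOS or Linux, most of them have already been patched, but it is still worth checking. The checks below apply only to Linux; I use Ubuntu. People on Windows are generally experts anyway, and there are PowerShell detection scripts online, so search Baidu for those yourself.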

Procedure

First, clone the checker script:
git clone https://github.com/speed47/spectre-meltdown-checker.git
You will then see the following files:

➜  ~ cd spectre-meltdown-checker 
➜  spectre-meltdown-checker git:(master) ls
LICENSE  README.md  spectre-meltdown-checker.sh

Now just run the script. If it does not have execute permission, run
chmod +x spectre-meltdown-checker.sh
Also note that the script must be run as root.

➜  spectre-meltdown-checker git:(master) sudo ./spectre-meltdown-checker.sh 
Spectre and Meltdown mitigation detection tool v0.28

Checking for vulnerabilities against running kernel Linux 4.13.0-26-generic #29~16.04.2-Ubuntu SMP Tue Jan 9 22:00:44 UTC 2018 x86_64
CPU is Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel:  NO 
> STATUS:  VULNERABLE  (only 29 opcodes found, should be >= 70, heuristic to be improved when official patches become available)

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
*   Hardware (CPU microcode) support for mitigation:  NO 
*   Kernel support for IBRS:  NO 
*   IBRS enabled for Kernel space:  NO 
*   IBRS enabled for User space:  NO 
* Mitigation 2
*   Kernel compiled with retpoline option:  NO 
*   Kernel compiled with a retpoline-aware compiler:  NO 
> STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI):  YES 
* PTI enabled and active:  YES 
> STATUS:  NOT VULNERABLE  (PTI mitigates the vulnerability)

A false sense of security is worse than no security at all, see --disclaimer

As you can see, three CVEs were checked. For the last one, > STATUS: NOT VULNERABLE (PTI mitigates the vulnerability) means it has been patched, but for the first two, > STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability) means they have not been patched. My Ubuntu kernel is
Linux bboysoul 4.13.0-26-generic #29~16.04.2-Ubuntu SMP Tue Jan 9 22:00:44 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
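I had in fact already updated. Why is this the result? I don't know. You can also see that my kernel build date is January 9, 2018. I ran the script on my server as well and got the same result.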
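One thing worth noting about Ubuntu kernel updates: the Ubuntu Server edition does not need a reboot, but the Desktop edition does.
There is also a way to check without this script: run any one of the three commands below, and if it prints patched, your system no longer has this vulnerability.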

grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched :)" || echo "unpatched :("
grep cpu_insecure /proc/cpuinfo && echo "patched :)" || echo "unpatched :("
dmesg | grep "Kernel/User page tables isolation: enabled" && echo "patched :)" || echo "unpatched :("

Example

➜  ~ grep CONFIG_PAGE_TABLE_ISOLATION=y /boot/config-`uname -r` && echo "patched :)" || echo "unpatched :("
CONFIG_PAGE_TABLE_ISOLATION=y
patched :)
➜  ~ grep cpu_insecure /proc/cpuinfo && echo "patched :)" || echo "unpatched :("
bugs		: cpu_insecure
bugs		: cpu_insecure
bugs		: cpu_insecure
bugs		: cpu_insecure
patched :)
➜  ~ dmesg | grep "Kernel/User page tables isolation: enabled" && echo "patched :)" || echo "unpatched :("
[    0.000000] Kernel/User page tables isolation: enabled
patched :)
➜  ~ 

Follow my blog at www.bboy.app
Have Fun