Code: Select all
mint16 Downloads # uname -a
Linux mint16 3.13.0-141-generic #190-Ubuntu SMP Fri Jan 19 12:53:50 UTC 2018 i686 athlon i686 GNU/Linux
mint16 Downloads # sudo su
sudo: unable to resolve host mint16
mint16 Downloads # whoami
root
mint16 Downloads # sudo su
sudo: unable to resolve host mint16
mint16 Downloads # sh spectre-meltdown-checker.sh
spectre-meltdown-checker.sh: 8: spectre-meltdown-checker.sh: Syntax error: newline unexpected
mint16 Downloads # whoami
root
so I changed the file to /run folder and tried again. I don't think this new kernel is working properly
for me. Also seems to reject my user, yet I can open programs like pluma and caja in super user mode with this user name (old name but on 17.3 version.
Very odd.
Code: Select all
mint16 run # sudo su
sudo: unable to resolve host mint16
mint16 run # sudo ./spectre-meltdown-checker.sh
sudo: unable to resolve host mint16
sudo: unable to execute ./spectre-meltdown-checker.sh: Permission denied
mint16 run # sudo sh ./spectre-meltdown-checker.sh
sudo: unable to resolve host mint16
./spectre-meltdown-checker.sh: 8: ./spectre-meltdown-checker.sh: Syntax error: newline unexpected
I'm going to boot back to the 3.13 "139" kernel, see if my user password comes back.
UPDATE:
I discovered this was missing from my /etc/hosts file.
Code: Select all
127.0.0.1 localhost
127.0.1.1 mint16
After I fixed the host problem (have no idea how that happened, maybe from kernel update?) I rebooted to the "141" kernel.
This is what I get now.
Code: Select all
mint16@mint16 ~/Downloads $ sudo su
mint16 Downloads # ./spectre-meltdown-checker.sh
bash: ./spectre-meltdown-checker.sh: Permission denied
mint16 Downloads # sudo sh spectre-meltdown-checker.sh
spectre-meltdown-checker.sh: 8: spectre-meltdown-checker.sh: Syntax error: newline unexpected
mint16 Downloads # whoami
root
mint16 Downloads # exit
exit
mint16@mint16 ~/Downloads $ whoami
mint16
mint16@mint16 ~/Downloads $ sudo sh spectre-meltdown-checker.sh
spectre-meltdown-checker.sh: 8: spectre-meltdown-checker.sh: Syntax error: newline unexpected
mint16@mint16 ~/Downloads $ uname -a
Linux mint16 3.13.0-141-generic #190-Ubuntu SMP Fri Jan 19 12:53:50 UTC 2018 i686 athlon i686 GNU/Linux
mint16@mint16 ~/Downloads $
Update 2: I figured out the problem. I had right clked on the file name and downloaded that, but it wasn't an .sh file, but to an html document. I remembered you said "zip" and then saw the clone or download link and got that. Here's the results of running it on AMD Sempron 145, a 64 bit CPU.
Code: Select all
mint16@mint16 ~/Downloads $ ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.33
Note that you should launch this script with root privileges to get accurate information.
We'll proceed but you might see permission denied errors.
To run it as root, you can try the following command: sudo ./spectre-meltdown-checker.sh
Checking for vulnerabilities on current system
Kernel is Linux 3.13.0-141-generic #190-Ubuntu SMP Fri Jan 19 12:53:50 UTC 2018 i686
CPU is AMD Sempron(tm) 140 Processor
./spectre-meltdown-checker.sh: 1: ./spectre-meltdown-checker.sh: cannot open /boot/vmlinuz-3.13.0-141-generic: Permission denied
./spectre-meltdown-checker.sh: 1: ./spectre-meltdown-checker.sh: cannot open /boot/vmlinuz-3.13.0-141-generic: Permission denied
./spectre-meltdown-checker.sh: 1: ./spectre-meltdown-checker.sh: cannot open /boot/vmlinuz-3.13.0-141-generic: Permission denied
./spectre-meltdown-checker.sh: 1: ./spectre-meltdown-checker.sh: cannot open /boot/vmlinuz-3.13.0-141-generic: Permission denied
./spectre-meltdown-checker.sh: 1: ./spectre-meltdown-checker.sh: cannot open /boot/vmlinuz-3.13.0-141-generic: Permission denied
./spectre-meltdown-checker.sh: 1: ./spectre-meltdown-checker.sh: cannot open /boot/vmlinuz-3.13.0-141-generic: Permission denied
Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: UNKNOWN (couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?)
* CPU indicates IBRS capability: UNKNOWN (couldn't read /dev/cpu/0/cpuid, is cpuid support enabled in your kernel?)
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: UNKNOWN (couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?)
* CPU indicates IBPB capability: UNKNOWN (couldn't read /dev/cpu/0/cpuid, is cpuid support enabled in your kernel?)
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: UNKNOWN (couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?)
* CPU indicates STIBP capability: UNKNOWN (couldn't read /dev/cpu/0/cpuid, is cpuid support enabled in your kernel?)
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: UNKNOWN (couldn't read /dev/cpu/0/cpuid, is cpuid support enabled in your kernel?)
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: UNKNOWN
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): UNKNOWN
* CPU microcode is known to cause stability problems: NO
* CPU vulnerability to the three speculative execution attacks variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: NO
CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Checking count of LFENCE opcodes in kernel: UNKNOWN
> STATUS: UNKNOWN (couldn't check (couldn't extract your kernel from /boot/vmlinuz-3.13.0-141-generic))
CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: YES
* Currently enabled features
* IBRS enabled for Kernel space: NO (echo 1 > /proc/sys/kernel/ibrs_enabled)
* IBRS enabled for User space: NO (echo 2 > /proc/sys/kernel/ibrs_enabled)
* IBPB enabled: NO (echo 1 > /proc/sys/kernel/ibpb_enabled)
* Mitigation 2
* Kernel compiled with retpoline option: NO
* Kernel compiled with a retpoline-aware compiler: NO
* Retpoline enabled: NO
> STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)
CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Kernel supports Page Table Isolation (PTI): NO
* PTI enabled and active: NO
* Running as a Xen PV DomU: NO
> STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable)
A false sense of security is worse than no security at all, see --disclaimer
mint16@mint16 ~/Downloads $