Meltdown-Spectre/ubuntu16.04LTSについて、ここに記述してください。
Linux kernel4.4.0-109に更新後の検査:
tmaeno@u16:~/Desktop/spectre-meltdown-checker-master$ sudo ./spectre-meltdown-checker.sh Spectre and Meltdown mitigation detection tool v0.17 Checking for vulnerabilities against live running kernel Linux 4.4.0-109-generic #132-Ubuntu SMP Tue Jan 9 19:52:39 UTC 2018 x86_64 Will use vmlinux image /boot/vmlinuz-4.4.0-109-generic Will use kconfig /boot/config-4.4.0-109-generic Will use System.map file /boot/System.map-4.4.0-109-generic CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' * Kernel compiled with LFENCE opcode inserted at the proper places: NO (only 38 opcodes found, should be >= 70) > STATUS: VULNERABLE CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' * Mitigation 1 * Hardware (CPU microcode) support for mitigation: NO * Kernel support for IBRS: NO * IBRS enabled for Kernel space: NO * IBRS enabled for User space: NO * Mitigation 2 * Kernel compiled with retpoline option: NO * Kernel compiled with a retpoline-aware compiler: NO > STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability) CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3' * Kernel supports Page Table Isolation (PTI): YES * PTI enabled and active: YES > STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)