CloudLinux 6 Kernel and Spectre Variant 1

pwill

Junior Member

Join Date: Mar 2021

Posts: 24
- Share
- Tweet
#1

CloudLinux 6 Kernel and Spectre Variant 1

02-05-2018, 09:24 PM

I have a server running CL6 kernel

Code:

2.6.32-896.16.1.lve1.4.51.el6.x86_64 #1 SMP Wed Jan 17 13:19:23 EST 2018 x86_64 x86_64 x86_64 GNU/Linux

I believe in the past this kernel was supposed to not be vulnerable to Spectre Variant 1 however when I run the following checker:

https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh

Code:

CVE-2017-5753 [bounds check bypass] aka Spectre Variant 1 * Kernel has array_index_mask_nospec: NO * Checking count of LFENCE instructions following a jump in kernel: NO (only 23 jump-then-lfence instructions found, should be >= 30 (heuristic)) > STATUS: VULNERABLE (Kernel source needs to be patched to mitigate the vulnerability)

Is this a false alarm or is this kernel vulnerable? I ran a yum update and installed the latest kernel and rebooted.

Best regards,
Eric
Tags: None
apb

Senior Member

Join Date: Feb 2018

Posts: 386
- Share
- Tweet
#2

02-06-2018, 04:37 PM

Eric,

Please, create a ticket in our helpdesk system at https://cloudlinux.zendesk.com (KernelCare department) so our support team can elaborate on this.
Comment

Announcement