Meltdown/Spectre Vulnerability Checker for Linux

Chances are you've stumbled across about 5000 security bulletins in the past few weeks covering the prematurely disclosed Meltdown and Spectre vulnerabilities. If not, take a moment to read the link I just gave you.

TL;DR almost every modern operating system and CPU are vulnerable to a class of attacks that could result in stolen data or worse. Unfortunately these attacks are made possible by fundamental design flaws, and fixes are going to require a combination of firmware patches, CPU microcode updates, OS updates, and general software updates.

Of course, with shit flying in all directions, what you really need to know is, "How vulnerable am I?"

A recent post from our friends at Darknet.org.uk linked to this helpful Linux command line script. It is a work-in-progress, and as the author notes, it "does its best" to probe your vulnerability without actually running any exploits. At publication time, the script focuses on the following:

CVE-2017-5753 bounds check bypass (Spectre Variant 1)

CVE-2017-5715 branch target injection (Spectre Variant 2)

CVE-2017-5754 rogue data cache load (Meltdown)

For more information or to download the script, view the project on Github.

Josh Stoik
10 January 2018
Previous 25 Easy PHP7 Micro-Optimizations
Next On Content-Security-Policy Headers