On 6/30/20 2:09 AM, stan via users wrote:
It seems that you have got an answer, install a new kernel, or rebuild
the initramfs to include the new microcode.
Except that this does not work. The meltdown ovh script still reports
that my system is vulnerable.
I did a rebuild of my initramfs using:
dracut -f
Then rebooted and checked once again. No change. The vulnerability still
exists.
Thus, even if the mitigation is loaded, the system is still vulnerable
at some level.
Would be great if I could be absolutely certain about this.
For now, saying that it works without verification, is just like wishful
thinking for me.
There is nothing you can do beyond what you have done,
though.
So is it confirmed this is a bug in the microcode ?
I don't know how the tool you are using to check functions,
but it could be that it is seeing these additional vulnerabilities and
reporting that your system is still vulnerable even though the
mitigation is in place, and the worst vulnerabilities are protected.
Yeah, this all sounds great. But again, I have to be sure.
I don't want security to be a crystal ball.
An extreme measure you could take might be to buy a system with a CPU
that is not vulnerable. The article mentions that they do exist, even
some from Intel.
That's not very sensible when a fix already exists and is not working.
Why should I pay extra for things that are suppose to be fixed in the
code that actually advertises it fixes them ?
--
Regards,
Sreyan
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
