$ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline All of my machines show this same information. My understanding is spectre variant 2 requires both microcode and kernel patches, but variant 1 (CVE-2017-5753) requires only kernel patches. Why is a vulnerability still shown here? kernel-4.14.14-300.fc27.x86_64 microcode_ctl-2.1-20.fc27.x86_64 dnf info microcode_ctl then points to https://pagure.io/microcode_ctl where I find the note that this version contains: Intel CPU microcode update. 20180108 Excerpt from /proc/cpuinfo model name : Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz microcode : 0xc2 bugs : cpu_meltdown spectre_v1 spectre_v2 The microcode was 0xbe before the microcode update. Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
