On 08/15/2018 01:21 PM, Reindl Harald wrote:
* Di Aug 14 2018 Justin M. Forbes <jforbes(a)fedoraproject.org> -
4.17.14-101
- Fix "Foreshadow" CVE-2018-3620 CVE-2018-3646 (rhbz 1585005 1615998)
-----
CentOS 6: 2.6.32-754.3.5.el6.x86_64
[root@honeypot:~]$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
Speculative Store Bypass disabled via prctl
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: Load fences
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Retpoline
with unsafe module(s), IBPB
-----
CentOS 7: 3.10.0-862.11.6.el7.x86_64
[root@hosting:~]$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: Load
fences, __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full
retpoline
-----
Fedora 27/28: 4.17.14-(1|2)01.fc2(7|8).x86_64
[root@master:~]$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation:
Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user
pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full
generic retpoline, IBPB, IBRS_FW
There were .202 and .102 versions, please check those