Skip to content

v0.38
Compare
Choose a tag to compare
@speed47 speed47 released this 07 Aug 08:56
· 238 commits to master since this release
v0.38
21af561
  • Feature: support detection for Variant 3a (CVE-2018-3640) and Variant 4 (CVE-2018-3639)
  • Feature: add Spectre v1 mitigation detection for ARM 32 bits
  • Feature: add Cavium CPU support and correct vulnerability information
  • Feature: add guess for kernel image location on Raspberry Pi 3
  • Feature: ability to run the script inside a Docker container (Dockerfile included)
  • Change: omit explanations by default to avoid cluttering the output, use --explain to get detailed mitigation help
  • Enhancement: explain mode: suggest to set VM CPU to an IBRS-capable one for hypervisors
  • Enhancement: avoid use of iflag=skip_bytes for compat with old dd versions
  • Fix: no longer unload msr or cpuid modules on exit if they were loaded before we started
  • Fix: when we can't determine if IBRS is enabled or not, report it as NO instead of UNKNOWN when we know that the CPU can't support it
  • Fix: variant2: detection now works under SLES kernels
  • Fix: ARM: update vulnerability info to latest vendor statement
  • Fix: ARM: ARMv8 models under Cortex A57 correctly marked as non-vulnerable (also fixes Raspberry Pi 3)
  • Fix: prometheus output wouldn't format \n correctly under some systems
Assets 2
Loading