With the latest update of “spectre-meltdown-checker” as its been a while I don t check, now I see this:
CVE-2020-0543 aka ‘Special Register Buffer Data Sampling (SRBDS)’
Mitigated according to the /sys interface: NO (Vulnerable: No microcode)
SRBDS mitigation control is supported by the kernel: YES (found SRBDS implementation evidence in kernel image. Your kernel is up to date for SRBDS mitigation)
SRBDS mitigation control is enabled and active: NO
STATUS: VULNERABLE (Your CPU microcode may need to be updated to mitigate the vulnerability
but in the begining of the check I have this:
CPU supports Special Register Buffer Data Sampling (SRBDS): NO
In my personal opinion
on a personal computer
which is not a server to anyone or anything apart from occasional ssh connections from inside my (very small) local network
I do not care about this or any other of these kind of vulnerabilities.
I do not want to incur the performance impact these (may) have for no gain.
And so I decided
(just for myself)
to disable any and all of these mitigations
by adding: mitigations=off
to the Grub command line
to disable them all in one go.
But maybe someone can and wants to correct me on this my decision?
I am on a personal desktop computer too, I was just curious about, maybe this mitigations will have impact over a server with many ssh connections as you say. I was just investigating what was this.
i repeat what i was seeing before with i7 6700K- 6 gen Intel Series ( Skylake gen 2015 and more )
all was in RED ( except SGX that only concerns Xeon ) ,
i get Green , or Yellow/Red if database date microcode do not match with last from the script