Hello everyone, this is my first post on the forum. How do I know if my Kernel contains the mitigation for the recent disclosed intel vulnerabilities AKA “Meltdown” as described here? My Kernel version currently is 4.9.74-2 and according to archlinux’s site, the 4.9.74-1 is still vulnerable (https://security.archlinux.org/CVE-2017-5754) and I don’t know if my version is patched with the security update. Thanks in advance.
If you updated recently you should. Patched kernels were available yesterday:
There is a long discussion thread here:
Near the bottom shows how to test if installed:
dmesg -wH | grep 'page tables isolation'
in a terminal and you should get this
Kernel/User page tables isolation: enabled
if the KPTI feature is enabled for your kernel.
I guess you likely meant
dmesg | grep 'page tables isolation'
dmesg -w would wait for new messages.
You are right, there is no need for “w” since it will wait for new messages but it gets the job done:
[marte@marte-manjaro ~]$ dmesg -wH | grep 'page tables isolation' [ +0,000000] Kernel/User page tables isolation: enabled
Thanks for the correction.
chmod +x spectre-meltdown-checker.sh
Did the Intel microcode update 20180108 fix Spectre?