Skip to content

Commit 97f4d5f

Browse files
speed47speed47
committed
feat(reptar): add detection and mitigation of Reptar
1 parent 9b7b09a commit 97f4d5f

File tree

3 files changed

+1194
-1041
lines changed

3 files changed

+1194
-1041
lines changed

.github/workflows/check.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ jobs:
2424
fi
2525
- name: check direct execution
2626
run: |
27-
expected=18
27+
expected=19
2828
nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l)
2929
if [ "$nb" -ne "$expected" ]; then
3030
echo "Invalid number of CVEs reported: $nb instead of $expected"
@@ -34,7 +34,7 @@ jobs:
3434
fi
3535
- name: check docker-compose run execution
3636
run: |
37-
expected=18
37+
expected=19
3838
docker-compose build
3939
nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
4040
if [ "$nb" -ne "$expected" ]; then
@@ -45,7 +45,7 @@ jobs:
4545
fi
4646
- name: check docker run execution
4747
run: |
48-
expected=18
48+
expected=19
4949
docker build -t spectre-meltdown-checker .
5050
nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
5151
if [ "$nb" -ne "$expected" ]; then

README.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ CVE
2323
[CVE-2022-40982](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982) | Gather Data Sampling | GDS, Downfall
2424
[CVE-2023-20569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569) | Return Address Security | Inception, RAS, SRSO
2525
[CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593) | Cross-Process Information Leak | Zenbleed
26+
[CVE-2023-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583) | Redundant Prefix issue | Reptar
2627

2728
Supported operating systems:
2829
- Linux (all versions, flavors and distros)
@@ -199,3 +200,9 @@ docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/m
199200
- Impact: Kernel & all software
200201
- Mitigation: either kernel mitigation by disabling a CPU optimization through an MSR bit, or CPU microcode mitigation
201202
- Performance impact of the mitigation: TBD
203+
204+
**CVE-2023-23583** Redundant Prefix issue (Reptar)
205+
206+
- Impact: All software
207+
- Mitigation: microcode update for the affected CPU
208+
- Performance impact of the mitigation: low

0 commit comments

Comments
 (0)