On 02/19/2018 06:04 AM, Ed Greshko wrote:
On 02/19/18 21:51, Ranjan Maitra wrote:
> What do these mean, and what is the needed mitigation, if any?
Basically, it means that everything that can currently be done to lessen the chances
of a security breach is being done.
Otherwise you may see something like...
Mitigation: Full generic retpoline - vulnerable module loaded
Ed:
In earlier email in this thread, you stated:
Yes. As long as you don't have kernel modules which were built with
a non-patched gcc.
ls /sys/devices/system/cpu/vulnerabilities/*
cat /sys/devices/system/cpu/vulnerabilities/*
This file is new to me ... do you happen to know about when it was
introduced and if there is any documentation on it (I couldn't find
anything but I feel I was grasping in the dark as I must be missing
something).
From what I can tell in this thread, this is a good new addition
Best,
Paul