- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am attempting to improve the security posture of a specialty computer system.
According to the Linux tools, the processor in my system is
Intel(R) Celeron(R) CPU N3160 @ 1.60GHz
which is reported as
cpu family : 6 model : 76
stepping : 4
is this processor actually vulnerable as reported by the software checker "Spectre and Meltdown mitigation detection tool v0.43"? If so, is there an MCU to address it?
I've filed an issue at GitHub against the software checker, but I haven't seen an update so I'm hoping there is someone here who can help. There are further details at the link.
If necessary, I could boot to an alternative OS to try to determine this answer, but I'm not sure if that would be effective.
I've also tried reaching out to the system integrator, but I have not received a response.
I read through this post which linked to information about L1TF side channel attacks, and RSRE a.k.a "GPZ Variant 3a" and I have also read Ubuntu's L1TF page, which does not mention CVE-2018-3640. The Ubuntu Security Notice (USN-3756-1) page does not go forward to reference the version of the "intel microcode" package that I am running, or the Linux kernel version, or the Ubuntu distribution release. I suppose this is not surprising, since it is now 2021 and not 2018.
Thank you for any suggestion.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have reviewed the November 2018 MCU guidance which shows on page 6 that the microcode running on this processor is "green", since it is later than version 410. So I'm trying to determine if the checker is correct that this processor running this microcode is vulnerable to RSRR v3a or if it is incorrect.
Here is how I discovered that the processor has microcode updated to revision 0x411:
user@host:~$ su root -c 'dmesg -t | grep -i microcode'
Password:
microcode: microcode updated early to revision 0x411, date = 2019-04-23
microcode: sig=0x406c4, pf=0x1, revision=0x411
microcode: Microcode Update Driver: v2.2.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello cinderbdt
Thank you for posting on the Intel️® communities. We are currently working on this request, the updates will be posted on the thread.
Regards,
David G
Intel Customer Support Technician
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello cinderbdt
The official information about this topic is directly related to SA-00088:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00088.html
You can find the "Affected products" section there, the Celeron N3160 is not listed nor any Braswell processors, so this processor is not affected by the Spectre and Meltdown.
If you are concerned about these alerts, we recommend keeping the BIOS up to date because the microcode is included in that firmware; however, it would be good to check with Linux or the app's developer where those alerts are coming from and see what exactly they mean.
Please keep in mind that this thread will no longer be monitored by Intel. Thank you for your understanding.
Best regards,
David G.
Intel Customer Support Technician
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page