Specter and Meltdown were vulnerabilities that leaked through the processor and have been developed to allow an attacker with the necessary knowledge to capture information from the processor to which, in theory, and in practice, they should not have access, including passwords and passwords.
The worst of this is that Specter and Meltdown attack equally to Intel and AMD, which are recognized manufacturers with a high reputation at the level of processors which makes us the majority of users potential victims.
For this reason, you need to check if our Linux operating system is prone or not to these two vulnerabilities and, if it is the case, take the necessary security measures which involve downloading and installing the latest security patches of the developers or make use of special tools for this purpose.
How To Check Meltdown or Specter Vulnerability on Linux [Basic Mode]
In the case of Linux, we have the option of running a simple test which was offered by the Linux kernel developers, and this test gives us the possibility to verify the distribution status at the level of this Meltdown and Specter vulnerabilities.
1. Run the following line:
grep . /sys/devices/system/cpu/vulnerabilities/*
As we have indicated, in some systems this analysis is not available, this implies that the kernel doesn't have that directory or sysfs files.
So it will be necessary to update the kernel to the latest version. In case of not having this directory we will see the following error:
grep: /sys/devices/system/cpu/vulnerabilities/*: No such file or directory
2. Once you upgraded the kernel, execute the command:
grep . /sys/devices/system/cpu/vulnerabilities/*
Note: If your system doesn't run the command even when you update the kernel, you have the option to use a script instead to check the vulnerability.
Check Meltdown or Specter Vulnerability With a Script
To check the vulnerability, we will use a script that was developed to obtain accurate data on the type of security of our system and tells us whether or not we are susceptible to the threat.
1. To download this script, we must have Git installed in the operating system; if not, install Git with:
On Debian and Ubuntu
sudo apt-get install git
In CentOS or RedHat
sudo yum install git
2. Once installed, clone the repository of the script in any directory, in this case, Downloads, like this:
cd Downloads git clone https://github.com/speed47/spectre-meltdown-checker.git
3. When the cloning process finishes, enter to the directory and execute the downloaded script like this:
cd spectre-meltdown-checker ./spectre-meltdown-checker.sh
The result is a bit extensive, and in the first section we will see if we are vulnerable or not to the different variables of these vulnerabilities:
In this case, we know that we are exposed to all the variables of these threats. In the final part we will see more detailed information about the different types of threats:
Easy like that we can analyze if our system is vulnerable to Specter and Meltdown.