1. Home
  2. Linux

Check If You’re Vulnerable To Meltdown And Spectre On Linux

Meltdown and Spectre are bugs in Intel’s CPUs and because they’re hardware bugs, no operating system is immune to them. This bug, when exploited, allows anyone to access random areas of kernel memory (the thing that lays underneath all the tools that make up an operating system) and interfere with the programs that are running. The Spectre vulnerability effects all CPUs (possibly even your phone), and works by confusing running programs into leaking information otherwise off limits. For now, these bugs are being dealt with via security patches and BIOS updates. Here’s how to check if you’re vulnerable to Meltdown and Spectre on Linux.

Spectre Meltdown Checker

The Spectre Meltdown checker script is freely available on Github for download. There are multiple ways to download this tool, but by far the best way is with the Git tool. To get started, first install Git (if you don’t have it already). The git tool is included on all major Linux distributions in one way or another.

To find it, open up the package manager, find “git” and install it. With the tool installed on your Linux PC, open up a terminal window and use the git tool to clone the files from the developer’s page:

cd /tmp
git clone https://github.com/speed47/spectre-meltdown-checker.git

Since the checker script is saved to the temporary directory, it will be deleted from your Linux PC upon reboot. If you’d like to keep it for future use, do this instead:

cd ~/

git clone clone https://github.com/speed47/spectre-meltdown-checker.git

To execute the script, you’ll need to be in the exact directory that the file downloads to. Using the CD command, go into the script folder.

cd spectre-meltdown-checker

Checking For Meltdown And Spectre On Linux

The detection tool can be run in two ways: non-root and root. Ideally, this tool should run with root privileges, as it makes it much easier to directly check with different aspects of the Linux kernel — places that a regular user can’t access normally.

Run the detector with:

sudo sh spectre-meltdown-checker.sh

Doing so will print out detailed information regarding the status of your operating system in relation to the different vulnerabilities. Specifically, the script will check if your Linux PC (or Server) can be harmed by Spectre Variant 1, Spectre Variant 2 and Meltdown.

Spectre Vulnerabilities In Browser

Using the script above isn’t the only way to check for the Spectre CPU vulnerability. If you’re looking for a second opinion, there is a website that can also detect if Spectre can harm your machine.

There aren’t any prerequisites to running this tool. Simply click on the link and go. When on the page, click the “click to check” button, and the tool will start up. It’ll take a little bit of time, but soon after you’ll know if your PC is vulnerable.

Note: worried about other non-Linux devices like a smartphone, Mac/Windows Machine? If so, this website link is a good way to check. The exploit checker linked above works on every operating system, and isn’t only for Linux users.

The tool checker isn’t nearly as detailed as the script above. It doesn’t show detailed information on what specific types of Spectre you may be vulnerable to. It also doesn’t give any details about your operating system, your kernel, etc.  Still, if you’re panicking about this vulnerability, this is another good way to find out.

What To do

These vulnerabilities are problem with how CPUs themselves are built. As a result, fixing the problems entirely may prove to be a challenge. For what it’s worth, many developers are working very hard to push out various types of protections from these exploits, so there is no reason to panic.

Go into your Linux distribution’s update center and refresh it. Chances are your operating system will have some critical security updates related to Spectre and Meltdown you need to install. Keep checking for updates every few days, and even weeks as many pieces of affected software on your system may be pushing out updates to protect you from it. Also, check for updates for your BIOS.

In addition to installing various software updates for your browser and etc, it is critical that you update your Linux kernel! Many Linux vendors will be rapidly pushing out fixes and protections as soon as possible for all types of affected software.

Worried about your other, non-Linux devices? Be sure to read into all the information regarding the latest updates to your smartphone, and other computers and install the latest updates as soon as possible. Apple has already patched iOS with iOS 11.2.2 and Microsoft has released updates for Meltdown for Windows 10.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.