CVE-2017-5715 Spectre vulnerability variant 2




  • Avatar
    ashok k

    I am using HP DL Prolient 380 Gen 8 server running with CentOS 6.5 OS. 

    I did installed/updated all the packages as you said, and downloaded a diagnosis script from Redhat (

    But, still, the script says variant 2 aka spectre with CVE-2017-5715 is vulnerable. Any idea? below is my output.

    [akandime@hostname~]# ./

    This script is primarily designed to detect Spectre / Meltdown on supported
    Red Hat Enterprise Linux systems and kernel packages.
    Result may be inaccurate for other RPM based systems.

    /sys/kernel/debug/x86 is mounted and accessible

    The following files are accessible:
    /sys/kernel/debug/x86/pti_enabled, /sys/kernel/debug/x86/ibpb_enabled, /sys/kernel/debug/x86/ibrs_enabled
    Checking files…

    Detected CPU vendor is: Intel

    Variant #1 (Spectre): Mitigated
    Variant #2 (Spectre): Vulnerable
    Variant #3 (Meltdown): Mitigated

    For more information see:

    =========> There is another script I download from Github and it also pointed out the same output.

    ===> [akandime@hostname~]# ./
    Spectre and Meltdown mitigation detection tool v0.27

    Checking for vulnerabilities against live running kernel Linux 2.6.32-696.18.7.el6.x86_64 #1 SMP Thu Jan 4 17:31:22 UTC 2018 x86_64

    CVE-2017-5753 [bounds check bypass] aka ‘Spectre Variant 1’

    • Checking count of LFENCE opcodes in kernel: YES

    STATUS: NOT VULNERABLE (84 opcodes found, which is >= 70, heuristic to be improved when official patches become available)

    CVE-2017-5715 [branch target injection] aka ‘Spectre Variant 2’

    • Mitigation 1
    • Hardware (CPU microcode) support for mitigation: NO
    • Kernel support for IBRS: YES
    • IBRS enabled for Kernel space: NO
    • IBRS enabled for User space: NO
    • Mitigation 2
    • Kernel compiled with retpoline option: NO
    • Kernel compiled with a retpoline-aware compiler: NO

    STATUS: VULNERABLE (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)

    CVE-2017-5754 [rogue data cache load] aka ‘Meltdown’ aka ‘Variant 3’

    • Kernel supports Page Table Isolation (PTI): YES
    • PTI enabled and active: YES

    STATUS: NOT VULNERABLE (PTI mitigates the vulnerability)

    A false sense of security is worse than no security at all, see --disclaimer

  • Avatar
    ashok k

    The verification steps you said for RHEL and CentOS. Any idea? 


    On my server, the output is coming as zero after updating all the packages you have given and I did reboot the server too. 


    # cat /sys/kernel/debug/x86/ibpb_enabled
    # cat /sys/kernel/debug/x86/ibrs_enabled

  • Avatar
    Ivan Postnikov

    @ashok k


    The vulnerability is on a hardware level.

    This article is aimed to provide a list of solutions prepared by OS developers.

    In case you have applied all the steps to resolve the issue and the vulnerability persists, please, contact OS developers for further instructions.

Please sign in to leave a comment.

Have more questions? Submit a request