Open Source Summit + Embedded Linux Conference Europe 2020

Spectre & Meltdown Checker is a widely used open source hardware vulnerability checker tool. This simple to use application evaluates your system’s exposure to speculative execution side channel issues and detects the presence of security mitigations on your system. It is compatible with BSD and all Linux* flavors and distributions, and can be used on-premises, in virtual environments, and in containers.

In this session we'll take a trip back to early 2018, when Spectre & Meltdown changed the landscape of the IT security for years to come, which made this Spectre & Meltdown Checker a necessity. You will learn the process of contributing to Spectre & Meltdown Checker (what needs to be done between discovering a CVE vulnerability and pushing a patch to address the CVE to the public main repo). We will go over CVE nomenclature for new CPU vulnerabilities, creating a list of unaffected processors, new hardware capabilities, and the patch itself. From there Agata will cover steps on how to install the checker script, and then how to review and read the output from the tool. She will wrap up with what to do if you discover a vulnerability in your system.