How to determine which modules are responsible for spectre_v2 returning "Vulnerable: Retpoline with unsafe module(s)"?
Issue
- When we run the "Spectre And Meltdown Detector" lab app, it reports
Vulnerable: Retpoline with unsafe module(s)similar to the output below. How do we find out which modules are unsafe?
Variant #2 (Spectre): Vulnerable: Retpoline with unsafe module(s)
CVE-2017-5715 - speculative execution branch target injection
- Kernel with mitigation patches: OK
- HW support / updated microcode: YES
- IBRS: Not disabled on kernel commandline
- IBPB: Not disabled on kernel commandline
- Retpolines: Not disabled on kernel commandline
- When checking for Spectre vulnerabilities, the
/sys/devices/system/cpu/vulnerabilities/spectre_v2file indicates the following. How do we find out which modules are responsible?
# cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable: Retpoline with unsafe module(s)
Environment
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- kernel package which include Retpoline-based mitigation
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
