On Fri, Feb 12, 2021, at 17:15, Kurt Roeckx wrote:
> Package: intel-microcode
> Version: 3.20201118.1~deb10u1
...
> spectre-meltdown-checker reports:
> CVE-2018-3640 aka 'Variant 3a, rogue system register read'
> * CPU microcode mitigates the vulnerability: NO
> > STATUS: VULNERABLE (an up-to-date CPU microcode is needed to mitigate
> > this vulnerability)
...
> [2.012058] microcode: sig=0x406c4, pf=0x1, revision=0x411
This is the latest public release of microcode for this processor, and none
newer has been observed in the field.
> Can you clarify if a microcode update is missing, just not available
> or that spectre-meltdown-checker is wrong?
That's the latest update.
I don't know if that celeron N is vulnerable to spectre 3a. You'd need to try
an exploit to know for sure, the Intel microcode guide is not that detailed.
Rev. 0x410 and later are supposed to mitigate meltdown as much as possible for
that processor according to the public information released by Intel at the
time.
--
Henrique de Moraes Holschuh