我最近了解了 lscpu 命令,并且很高兴了解架构信息。然而,最后有一个部分显示了很多漏洞。进行了一些谷歌搜索,并浏览了论坛和文章后,发现这是英特尔处理器的架构问题。
但我不理解输出,也不知道在查看命令的输出时仍然存在多少风险。我附上了漏洞的输出,请帮助我理解以及可以采取哪些措施来防范风险。
Vulnerabilities:
Gather data sampling: Mitigation; Microcode
Itlb multihit: KVM: Mitigation: VMX disabled
L1tf: Mitigation; PTE Inversion; VMX conditional cache flushe
s, SMT vulnerable
Mds: Mitigation; Clear CPU buffers; SMT vulnerable
Meltdown: Mitigation; PTI
Mmio stale data: Mitigation; Clear CPU buffers; SMT vulnerable
Retbleed: Mitigation; IBRS
Spec rstack overflow: Not affected
Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl
and seccomp
Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer
sanitization
Spectre v2: Mitigation; IBRS, IBPB conditional, STIBP conditional,
RSB filling, PBRSB-eIBRS Not affected
Srbds: Mitigation; Microcode
Tsx async abort: Not affected
还请提供链接,我可以在其中阅读更多内容并理解它。TIA