vulnerabilities.cgi: add RFDS (CVE-2023-28746) to list
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23
24 # enable the following only for debugging purposes
25 #use warnings;
26 #use CGI::Carp 'fatalsToBrowser';
27
28 require '/var/ipfire/general-functions.pl';
29 require "${General::swroot}/lang.pl";
30 require "${General::swroot}/header.pl";
31
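# Sysfs vulnerability names (entries under
# /sys/devices/system/cpu/vulnerabilities/) mapped to their translated
# display name plus CVE identifiers. Only names listed here are rendered;
# the sort order of the keys is the display order.
my %VULNERABILITIES = (
    "gather_data_sampling"   => "$Lang::tr{'downfall gather data sampling'} (CVE-2022-40982)",
    "itlb_multihit"          => "$Lang::tr{'itlb multihit'} (CVE-2018-12207)",
    "l1tf"                   => "$Lang::tr{'foreshadow'} (CVE-2018-3620)",
    "mds"                    => "$Lang::tr{'fallout zombieload ridl'} (CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091)",
    "meltdown"               => "$Lang::tr{'meltdown'} (CVE-2017-5754)",
    "mmio_stale_data"        => "$Lang::tr{'mmio stale data'} (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166)",
    "reg_file_data_sampling" => "$Lang::tr{'reg_file_data_sampling'} (CVE-2023-28746)",
    "retbleed"               => "$Lang::tr{'retbleed'} (CVE-2022-29900, CVE-2022-29901)",
    "spec_rstack_overflow"   => "$Lang::tr{'spec rstack overflow'} (CVE-2023-20569)",
    "spec_store_bypass"      => "$Lang::tr{'spectre variant 4'} (CVE-2018-3639)",
    "spectre_v1"             => "$Lang::tr{'spectre variant 1'} (CVE-2017-5753)",
    "spectre_v2"             => "$Lang::tr{'spectre variant 2'} (CVE-2017-5715)",
    "srbds"                  => "$Lang::tr{'srbds'} (CVE-2020-0543)",
    "tsx_async_abort"        => "$Lang::tr{'taa zombieload2'} (CVE-2019-11135)",
);

# Messages for the current request; each box is only rendered when the
# corresponding string is non-empty.
my $errormessage = "";
my $notice = "";

my %mainsettings = ();
my %color = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);

# Defaults first, then the persisted settings, then the CGI parameters of
# this request (getcgihash below) - later sources override earlier ones.
my %settings = (
    "ENABLE_SMT" => "auto",
);
&General::readhash("${General::swroot}/main/security", \%settings);

&Header::showhttpheaders();

&Header::getcgihash(\%settings);

if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
    # Only the two radio values are accepted. \A/\z anchors are used on
    # purpose: with ^/$ a submitted value with a trailing newline would
    # pass validation and that newline would be written into the
    # settings file.
    if ($settings{'ENABLE_SMT'} !~ m/\A(?:auto|on)\z/) {
        $errormessage = $Lang::tr{'invalid input'};
    }

    unless ($errormessage) {
        &General::writehash("${General::swroot}/main/security", \%settings);
        $notice = $Lang::tr{'please reboot to apply your changes'};
    }
}

# Pre-select the radio button matching the effective ENABLE_SMT value.
my %checked = ();
$checked{'ENABLE_SMT'}{'auto'} = '';
$checked{'ENABLE_SMT'}{'on'} = '';
$checked{'ENABLE_SMT'}{$settings{'ENABLE_SMT'}} = "checked";

&Header::openpage($Lang::tr{'processor vulnerability mitigations'}, 1, '');

&Header::openbigbox("100%", "left", "", $errormessage);

if ($errormessage) {
    &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
    print "<font color='red'>$errormessage</font>";
    &Header::closebox();
}

if ($notice) {
    &Header::openbox('100%', 'left', $Lang::tr{'notice'});
    print "<font color='red'>$notice</font>";
    &Header::closebox();
}

&Header::openbox('100%', 'center', $Lang::tr{'processor vulnerability mitigations'});

print <<END;
<table class="tbl" width='100%'>
    <thead>
        <tr>
            <th align="center">
                <strong>$Lang::tr{'vulnerability'}</strong>
            </th>
            <th align="center">
                <strong>$Lang::tr{'status'}</strong>
            </th>
        </tr>
    </thead>
    <tbody>
END

# One row per vulnerability the running kernel reports; $id only drives
# the alternating row background.
my $id = 0;
for my $vuln (sort keys %VULNERABILITIES) {
    my ($status, $message) = &check_status($vuln);
    # check_status() yields nothing when the sysfs entry is absent.
    next if (!$status);

    my $colour = "";
    my $bgcolour = "";
    my $status_message = "";

    # Not affected
    if ($status eq "Not affected") {
        $status_message = $Lang::tr{'not affected'};
        $colour = "white";
        $bgcolour = ${Header::colourgreen};

    # Vulnerable
    } elsif ($status eq "Vulnerable") {
        $status_message = $Lang::tr{'vulnerable'};
        $colour = "white";
        $bgcolour = ${Header::colourred};

    # Mitigated
    } elsif ($status eq "Mitigation") {
        $status_message = $Lang::tr{'mitigated'};
        $colour = "white";
        $bgcolour = ${Header::colourblue};

    # Unknown report from kernel: show the raw status text on yellow
    } else {
        $status_message = $status;
        $colour = "black";
        $bgcolour = ${Header::colouryellow};
    }

    my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};

    print <<END;
        <tr bgcolor="$table_colour">
            <td align="left">
                <strong>$VULNERABILITIES{$vuln}</strong>
            </td>

            <td bgcolor="$bgcolour" align="center">
                <font color="$colour">
END
    if ($message) {
        print "<strong>$status_message</strong> - $message";
    } else {
        print "<strong>$status_message</strong>";
    }

    print <<END;
                </font>
            </td>
        </tr>
END
}

print <<END;
    </tbody>
</table>
END

&Header::closebox();

print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";

&Header::openbox('100%', 'center', $Lang::tr{'settings'});

my $smt_status = &smt_status();

print <<END;
<table class="tbl" width="100%">
    <tbody>
        <tr>
            <th colspan="2" align="center">
                <strong>$smt_status</strong>
            </th>
        </tr>

        <tr>
            <td width="50%" align="left">
                $Lang::tr{'enable smt'}
            </td>

            <td width="50%" align="center">
                <label>
                    <input type="radio" name="ENABLE_SMT"
                        value="auto" $checked{'ENABLE_SMT'}{'auto'}>
                    $Lang::tr{'automatic'}
                </label> /
                <label>
                    <input type="radio" name="ENABLE_SMT"
                        value="on" $checked{'ENABLE_SMT'}{'on'}>
                    $Lang::tr{'force enable'} ($Lang::tr{'dangerous'})
                </label>
            </td>
        </tr>

        <tr>
            <td colspan="2" align="right">
                <input type="submit" name="ACTION" value="$Lang::tr{'save'}">
            </td>
        </tr>
    </tbody>
</table>
END

&Header::closebox();

print "</form>\n";

&Header::closebigbox();

&Header::closepage();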
230
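# Read the kernel's status line for one vulnerability.
#
# Argument: the sysfs entry name (a key of %VULNERABILITIES).
# Returns a ("Vulnerable"|"Mitigation", detail) pair when the kernel
# reports one of those two prefixes, the bare status string otherwise
# (e.g. "Not affected"), and nothing at all when the entry is missing
# or empty so the caller can skip it.
sub check_status($) {
    my $vuln = shift;

    # Three-argument open with a lexical handle; the name is taken from
    # the fixed %VULNERABILITIES keys, never from the request.
    my $path = "/sys/devices/system/cpu/vulnerabilities/$vuln";
    open(my $fh, '<', $path) or return;
    my $status = <$fh>;
    close($fh);

    # An empty file reads as undef; treat it like a missing entry.
    return unless defined $status;
    chomp($status);

    # Fix status when something has been mitigated, but not fully, yet:
    # report it as vulnerable but keep the full kernel text as detail.
    if ($status =~ /^(Mitigation): (.*vulnerable.*)$/) {
        return ("Vulnerable", $status);
    }

    if ($status =~ /^(Vulnerable|Mitigation): (.*)$/) {
        return ($1, $2);
    }

    return $status;
}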
251
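# Translate the kernel's SMT control state into a display string.
#
# Returns the translated text for "on", "off"/"forceoff" and
# "notsupported"; any other value is returned verbatim. Returns nothing
# (undef) when the control file cannot be opened or is empty.
sub smt_status() {
    # The open used to be unchecked, which silently produced undef; make
    # that outcome explicit with a three-argument open on a lexical handle.
    open(my $fh, '<', "/sys/devices/system/cpu/smt/control") or return;
    my $status = <$fh>;
    close($fh);

    return unless defined $status;
    chomp($status);

    if ($status eq "on") {
        return $Lang::tr{'smt enabled'};
    } elsif (($status eq "off") || ($status eq "forceoff")) {
        return $Lang::tr{'smt disabled'};
    } elsif ($status eq "notsupported") {
        return $Lang::tr{'smt not supported'};
    }

    return $status;
}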