###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
require "${General::swroot}/header.pl";
my %VULNERABILITIES = (
+ "gather_data_sampling" => "$Lang::tr{'downfall gather data sampling'} (CVE-2022-40982)",
+ "itlb_multihit" => "$Lang::tr{'itlb multihit'} (CVE-2018-12207)",
"l1tf" => "$Lang::tr{'foreshadow'} (CVE-2018-3620)",
"mds" => "$Lang::tr{'fallout zombieload ridl'} (CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091)",
"meltdown" => "$Lang::tr{'meltdown'} (CVE-2017-5754)",
+ "mmio_stale_data" => "$Lang::tr{'mmio stale data'} (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166)",
+ "retbleed" => "$Lang::tr{'retbleed'} (CVE-2022-29900, CVE-2022-29901)",
+ "spec_rstack_overflow" => "$Lang::tr{'spec rstack overflow'} (CVE-2023-20569)",
"spec_store_bypass" => "$Lang::tr{'spectre variant 4'} (CVE-2018-3639)",
"spectre_v1" => "$Lang::tr{'spectre variant 1'} (CVE-2017-5753)",
"spectre_v2" => "$Lang::tr{'spectre variant 2'} (CVE-2017-5715)",
+ "srbds" => "$Lang::tr{'srbds'} (CVE-2020-0543)",
+ "tsx_async_abort" => "$Lang::tr{'taa zombieload2'} (CVE-2019-11135)",
);
my $errormessage = "";
my %mainsettings = ();
my %color = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
my %settings = (
"ENABLE_SMT" => "auto",
if ($status eq "Not affected") {
$status_message = $Lang::tr{'not affected'};
$colour = "white";
- $bgcolour = ${Header::colourblack};
+ $bgcolour = ${Header::colourgreen};
# Vulnerable
} elsif ($status eq "Vulnerable") {
$colour = "white";
$bgcolour = ${Header::colourred};
- # Mitigated but smt is enabled
- } elsif ($status eq "Mitigation-SMT") {
- $status_message = $Lang::tr{'mitigated'};
- $colour = "white";
- $bgcolour = ${Header::colourred};
-
# Mitigated
} elsif ($status eq "Mitigation") {
$status_message = $Lang::tr{'mitigated'};
$colour = "white";
- $bgcolour = ${Header::colourgreen};
+ $bgcolour = ${Header::colourblue};
# Unknown report from kernel
} else {
<font color="$colour">
END
if ($message) {
- print "<strong>$status_message</strong>: $message";
+ print "<strong>$status_message</strong> - $message";
} else {
print "<strong>$status_message</strong>";
}
my $status = <FILE>;
close(FILE);
+ chomp($status);
+
+ # Fix status when something has been mitigated, but not fully, yet
if ($status =~ /^(Mitigation): (.*vulnerable.*)$/) {
- return ("Mitigation-SMT", $2);
+ return ("Vulnerable", $status);
}
if ($status =~ /^(Vulnerable|Mitigation): (.*)$/) {
return ($1, $2);
- }
+ }
return $status;
}
projects / ipfire-2.x.git / blobdiff