January 5, 2021

Spec_store_bypass vulnerability (Debian 10.6)

I’m scanning for vulnerabilities with OpenVAS (GVM) from a Kali VM to a Debian 10.6 in an internal network through VirtualBox.

The target is a Debian 10.6 (text-mode) and the vulnerability I’ve found has to do with “missing kernel mitigations for speculative store bypass”.

I’ve updated my kernel from 4.19 to 5.9 and the Intel microcode (in the VM). I also tried forcefully enabling spec_store_bypass in /etc/default/grub (not sure about this, also put mitigations=on).

When I check /sys/devices/system/cpu/vulnerabilities/spec_store_bypass on the target it still shows as “vulnerable”, and upon scanning it with OpenVAS on Kali the same thing happens.

I don’t know what to do anymore, any help is appreciated.
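
As an added example (not part of the original post), the following script combines the three things the kernel's status depends on: the sysfs string quoted above, the CPU flags the guest sees, and the kernel command line. The function name `diagnose_ssb` and its verdict strings are hypothetical, and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example: explain why spec_store_bypass reports "Vulnerable".
# Usage: diagnose_ssb "<sysfs status>" "<cpuinfo flags>" "<kernel cmdline>"
# diagnose_ssb and its verdict strings are hypothetical, not a kernel interface.
diagnose_ssb() {
    case "$1" in
        "Not affected"*) echo "not-affected"; return 0 ;;
        Mitigation*)     echo "mitigated"; return 0 ;;
        Vulnerable*)     ;;  # fall through and look for the reason
        *)               echo "unknown-status"; return 0 ;;
    esac
    # Was the mitigation switched off on the kernel command line?
    case " $3 " in
        *" mitigations=off "*|*" nospec_store_bypass_disable "*|*" spec_store_bypass_disable=off "*)
            echo "disabled-by-cmdline"; return 0 ;;
    esac
    # The kernel can only mitigate SSB if the CPU it sees advertises SSBD.
    # In a guest that flag comes from the hypervisor's virtual CPU, which in
    # turn depends on the host's microcode, not on packages inside the guest.
    case " $2 " in
        *" ssbd "*) echo "ssbd-present-check-dmesg" ;;
        *)          echo "no-ssbd-flag" ;;
    esac
}

# Constructed sample: a guest whose virtual CPU does not expose ssbd.
sample_flags="fpu vme de pse tsc msr sse sse2 ht syscall nx lm"
sample_cmdline="BOOT_IMAGE=/vmlinuz-5.9 root=/dev/sda1 ro quiet spec_store_bypass_disable=on"
echo "sample : $(diagnose_ssb "Vulnerable" "$sample_flags" "$sample_cmdline")"

# Live values from the machine the script runs on (tolerates missing files).
sysfs=/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
live_status=$(cat "$sysfs" 2>/dev/null || echo unknown)
live_flags=$(awk -F: '/^flags/ {print $2; exit}' /proc/cpuinfo 2>/dev/null || true)
live_cmdline=$(cat /proc/cmdline 2>/dev/null || true)
echo "status : $live_status"
echo "live   : $(diagnose_ssb "$live_status" "$live_flags" "$live_cmdline")"
```

A `no-ssbd-flag` verdict means kernel parameters such as `spec_store_bypass_disable=on` have nothing to switch on, so the fix has to happen on the host and in the hypervisor's CPU settings.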
