Red Hat Open-Sources Scanner That Checks Linux Binaries For Spectre V1 Potential
Written by Michael Larabel in Red Hat on 18 July 2018 at 11:06 AM EDT. 2 Comments
RED HAT --
The great folks at Red Hat have open-sourced a new security checker that is able to scan compiled Linux x86_64 binaries to look for potential Spectre Variant One vulnerabilities.

While the Smatch static analysis tool has been useful for finding potential Spectre Variant One speculation vulnerabilities within the kernel's C code, that tool works off the kernel sources and is tailored to the kernel. With Red Hat's tool made public today, compiled Linux binaries can be analyzed for potential Spectre Variant One vulnerabilities.

Running this scanner just requires providing the path to the binary and a starting memory address inside the binary, which typically will be a syscall entry point. This scanner emulates the execution of the instructions and tracks the values in registers and memory while looking out for potential speculation.

Those wanting to learn more about this Spectre V1 Linux scanning tool can read today's announcement and download links via access.redhat.com.
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Red Hat News
Popular News This Week