Уязвимы все альтовые лайвы:
# grep -A3 'Spectre V1' /var/log/dmesg
[ 0.298184] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[ 0.298273] Spectre V2 : Mitigation: Full generic retpoline
[ 0.298340] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[ 0.298427] Speculative Store Bypass: Vulnerable
Нет, процессоры, для которых нет и уже не будет исправления микрокода. Микрокод-то в ALT обновляется, только вот Intel забил на старые процессоры.
firmware-intel-ucode-16-alt1.20210608
Смотреть, кстати, лучше так:
grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/itlb_multihit:KVM: Mitigation: VMX unsupported
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
/sys/devices/system/cpu/vulnerabilities/mds:Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, STIBP: disabled, RSB filling
/sys/devices/system/cpu/vulnerabilities/srbds:Not affected
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort:Not affected