Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fbab80ac by Moritz Muehlenhoff at 2018-05-22T10:49:05+02:00
Add microcode packages for tracking to spectre v3a and v4
v3s will entirely be fixed by microcode changes and the fix for v4 will
equally require updated microcode.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20571,14 +20571,20 @@ CVE-2018-3641 (Escalation of privilege in all
versions of the Intel Remote Keybo
NOT-FOR-US: Intel
CVE-2018-3640 [Spectre V3a]
RESERVED
+ - intel-microcode <unfixed>
+ - amd-microcode <unfixed>
NOTE:
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
NOTE: No software mitigations planned to be implemented in src:linux
+ NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
CVE-2018-3639 [Speculative Store Bypass]
RESERVED
+ - intel-microcode <unfixed>
+ - amd-microcode <unfixed>
- linux <unfixed>
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-263.html
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
+ NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
CVE-2018-3638 (Escalation of privilege in all versions of the Intel Remote
Keyboard ...)
NOT-FOR-US: Intel
CVE-2018-3637
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbab80ac365471ea37b9b48642c04d1ffcf93696
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbab80ac365471ea37b9b48642c04d1ffcf93696
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
