[Git][security-tracker-team/security-tracker][master] Add xen from XSA-407

Tue, 12 Jul 2022 12:36:43 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb9b9b7a by Salvatore Bonaccorso at 2022-07-12T21:35:24+02:00
Add xen from XSA-407

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15376,9 +15376,11 @@ CVE-2022-29901 [Information leak through mispredicted 
returns on Intel processor
 CVE-2022-29900 [Information leak through mispredicted returns on AMD 
processors]
        RESERVED
        - linux <unfixed>
+       - xen <unfixed>
        NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
        NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
        NOTE: 
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
+       NOTE: https://xenbits.xen.org/xsa/advisory-407.html
 CVE-2022-29899
        RESERVED
 CVE-2022-29898 (On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an 
admin user c ...)
@@ -33998,9 +34000,11 @@ CVE-2022-23826
 CVE-2022-23825 [AMD CPUs exhibit phantom jumps]
        RESERVED
        - linux <unfixed>
+       - xen <unfixed>
        NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
        NOTE: 
https://comsec.ethz.ch/wp-content/files/retbleed_addendum_sec22.pdf
        NOTE: 
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
+       NOTE: https://xenbits.xen.org/xsa/advisory-407.html
 CVE-2022-23824
        RESERVED
 CVE-2022-23823 (A potential vulnerability in some AMD processors using 
frequency scali ...)
@@ -34022,11 +34026,13 @@ CVE-2022-23817
 CVE-2022-23816
        RESERVED
        - linux <unfixed>
+       - xen <unfixed>
        NOTE: This is the AMD assigned CVE for Retbleed (CVE-2022-29900), as 
AMD did not
        NOTE: agree on the coverage for CVE-2022-29900: As stated in the Xen 
advisory 407:
        NOTE: On AMD CPUs, Retbleed is one specific instance of a more general
        NOTE: microarchitectural behaviour called Branch Type Confusion.  AMD 
have
        NOTE: assigned CVE-2022-23816 (Retbleed) and CVE-2022-23825 (Branch 
Type Confusion).
+       NOTE: https://xenbits.xen.org/xsa/advisory-407.html
 CVE-2022-23815
        RESERVED
 CVE-2022-23814



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb9b9b7ae9da115a111da367f568635b805aa542

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb9b9b7ae9da115a111da367f568635b805aa542
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to