[Git][security-tracker-team/security-tracker][master] Update status for retbleed related CVEs for linux in buster with kernel-sec

Wed, 28 Sep 2022 21:21:14 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
69fb3a26 by Salvatore Bonaccorso at 2022-09-29T06:20:18+02:00
Update status for retbleed related CVEs for linux in buster with kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31563,12 +31563,14 @@ CVE-2022-1526 (A vulnerability, which was classified 
as problematic, was found i
 CVE-2022-29901 (Intel microprocessor generations 6 to 8 are affected by a new 
Spectre  ...)
        {DSA-5207-1 DLA-3102-1}
        - linux 5.18.14-1
+       [buster] - linux <ignored> (Mitigation is too invasive to backport)
        NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
        NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
 CVE-2022-29900 (Mis-trained branch predictions for return instructions may 
allow arbit ...)
        {DSA-5207-1 DSA-5184-1 DLA-3102-1}
        - linux 5.18.14-1
+       [buster] - linux <ignored> (Mitigation is too invasive to backport)
        - xen 4.16.2-1
        [buster] - xen <end-of-life> (DSA 4677-1)
        NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
@@ -50324,6 +50326,7 @@ CVE-2022-23816
        RESERVED
        {DSA-5207-1 DSA-5184-1}
        - linux 5.18.14-1
+       [buster] - linux <ignored> (New mitigations are too invasive to 
backport)
        - xen 4.16.2-1
        [buster] - xen <end-of-life> (DSA 4677-1)
        NOTE: This is the AMD assigned CVE for Retbleed (CVE-2022-29900), as 
AMD did not



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69fb3a260884319525dd3f801926876eb1be2bd3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69fb3a260884319525dd3f801926876eb1be2bd3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to