[Git][security-tracker-team/security-tracker][master] Add microcode packages for tracking to spectre v3a and v4

Moritz Muehlenhoff jmm at debian.org
Tue May 22 09:50:15 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbab80ac by Moritz Muehlenhoff at 2018-05-22T10:49:05+02:00
Add microcode packages for tracking to spectre v3a and v4

v3s will entirely be fixed by microcode changes and the fix for v4 will
equally require updated microcode.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20571,14 +20571,20 @@ CVE-2018-3641 (Escalation of privilege in all versions of the Intel Remote Keybo
 	NOT-FOR-US: Intel
 CVE-2018-3640 [Spectre V3a]
 	RESERVED
+	- intel-microcode <unfixed>
+	- amd-microcode <unfixed>
 	NOTE: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
 	NOTE: No software mitigations planned to be implemented in src:linux
+	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
 CVE-2018-3639 [Speculative Store Bypass]
 	RESERVED
+	- intel-microcode <unfixed>
+	- amd-microcode <unfixed>
 	- linux <unfixed>
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-263.html
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
+	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
 CVE-2018-3638 (Escalation of privilege in all versions of the Intel Remote Keyboard ...)
 	NOT-FOR-US: Intel
 CVE-2018-3637



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbab80ac365471ea37b9b48642c04d1ffcf93696

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbab80ac365471ea37b9b48642c04d1ffcf93696
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180522/20eb1851/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list