[Git][security-tracker-team/security-tracker][master] Associate CVE-2019-9836 with amd64-microcode

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 21 06:34:55 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7a3198a by Salvatore Bonaccorso at 2022-04-21T07:32:57+02:00
Associate CVE-2019-9836 with amd64-microcode

Consider it as fixed with the 3.20220411.1 to unstable:

   * Update package data from linux-firmware 20220411:
[...]
     * New AMD-SEV firmware from AMD upstream (20220308)
       Fixes: CVE-2019-9836 (closes: #970395)
       + New SEV firmware:
         Family 17h models 00h-0fh: version 0.17 build 48
         Family 17h models 30h-3fh: version 0.24 build 15
         Family 19h models 00h-0fh: version 1.51 build 3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -204989,7 +204989,8 @@ CVE-2019-9837 (Doorkeeper::OpenidConnect (aka the OpenID Connect extension for D
 	NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/61
 	NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/66
 CVE-2019-9836 (Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD)  ...)
-	NOT-FOR-US: AMD Secure Encrypted Virtualization (SEV)
+	- amd64-microcode 3.20220411.1 (bug #970395)
+	NOTE: https://seclists.org/fulldisclosure/2019/Jun/46
 CVE-2019-9835 (The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set L ...)
 	NOT-FOR-US: Fujitsu Wireless Keyboard Set LX901 GK900 devices
 CVE-2019-9834 (** DISPUTED ** The Netdata web application through 1.13.0 allows remot ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7a3198aa4d375f30a3b834be6796e1705052b33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7a3198aa4d375f30a3b834be6796e1705052b33
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220421/87572345/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list