[Git][security-tracker-team/security-tracker][master] Update status for retbleed related CVEs for linux in buster with kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 29 05:20:57 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
69fb3a26 by Salvatore Bonaccorso at 2022-09-29T06:20:18+02:00
Update status for retbleed related CVEs for linux in buster with kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31563,12 +31563,14 @@ CVE-2022-1526 (A vulnerability, which was classified as problematic, was found i
CVE-2022-29901 (Intel microprocessor generations 6 to 8 are affected by a new Spectre ...)
{DSA-5207-1 DLA-3102-1}
- linux 5.18.14-1
+ [buster] - linux <ignored> (Mitigation is too invasive to backport)
NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html
CVE-2022-29900 (Mis-trained branch predictions for return instructions may allow arbit ...)
{DSA-5207-1 DSA-5184-1 DLA-3102-1}
- linux 5.18.14-1
+ [buster] - linux <ignored> (Mitigation is too invasive to backport)
- xen 4.16.2-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
@@ -50324,6 +50326,7 @@ CVE-2022-23816
RESERVED
{DSA-5207-1 DSA-5184-1}
- linux 5.18.14-1
+ [buster] - linux <ignored> (New mitigations are too invasive to backport)
- xen 4.16.2-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: This is the AMD assigned CVE for Retbleed (CVE-2022-29900), as AMD did not
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69fb3a260884319525dd3f801926876eb1be2bd3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69fb3a260884319525dd3f801926876eb1be2bd3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220929/a1246af7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list