[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-45733, CVE-2023-45745, CVE-2023-46103 & CVE-2023-47855 in...
Chris Lamb (@lamby)
lamby at debian.org
Wed May 22 09:13:04 BST 2024
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a0cd2a32 by Chris Lamb at 2024-05-22T09:12:31+01:00
Triage CVE-2023-45733, CVE-2023-45745, CVE-2023-46103 & CVE-2023-47855 in intel-microcode for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4499,24 +4499,28 @@ CVE-2023-47855 (Improper input validation in some Intel(R) TDX module software b
- intel-microcode 3.20240514.1
[bookworm] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
[bullseye] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
+ [buster] - intel-microcode <postponed> (Minor issue; can be fixed in next update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514
CVE-2023-45745 (Improper input validation in some Intel(R) TDX module software before ...)
- intel-microcode 3.20240514.1
[bookworm] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
[bullseye] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
+ [buster] - intel-microcode <postponed> (Minor issue; can be fixed in next update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514
CVE-2023-46103 (Sequence of processor instructions leads to unexpected behavior in Int ...)
- intel-microcode 3.20240514.1
[bookworm] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
[bullseye] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
+ [buster] - intel-microcode <postponed> (Minor issue; can be fixed in next update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514
CVE-2023-45733 (Hardware logic contains race conditions in some Intel(R) Processors ma ...)
- intel-microcode 3.20240514.1
[bookworm] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
[bullseye] - intel-microcode <no-dsa> (Minor issue; can be fixed in point release)
+ [buster] - intel-microcode <postponed> (Minor issue; can be fixed in next update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240514
CVE-2024-5023 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0cd2a32bc4f5d0de27aa95b531c8b3c237a76e9
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0cd2a32bc4f5d0de27aa95b531c8b3c237a76e9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240522/77b30700/attachment.htm>
More information about the debian-security-tracker-commits
mailing list