[Git][security-tracker-team/security-tracker][master] Reference amd64-microcode changes needed for TSA mitiations

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0bfb2700 by Salvatore Bonaccorso at 2025-07-19T23:00:01+02:00
Reference amd64-microcode changes needed for TSA mitiations

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3720,7 +3720,7 @@ CVE-2024-36357 (A transient execution vulnerability in some AMD processors may a
 	NOTE: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html
 	NOTE: https://aka.ms/enter-exit-leak
 	NOTE: https://www.microsoft.com/en-us/research/wp-content/uploads/2025/07/Enter-Exit-SP26.pdf
-	TODO: check amd64-microcode update covering the updates
+	NOTE: https://gitlab.com/kernel-firmware/linux-firmware/-/commit/331eac9144402d6cfa02ff3b2888a40bb9a7a01a
 CVE-2024-36350 (A transient execution vulnerability in some AMD processors may allow a ...)
 	- amd64-microcode <unfixed> (bug #1109035)
 	- linux 6.12.37-1
@@ -3731,7 +3731,7 @@ CVE-2024-36350 (A transient execution vulnerability in some AMD processors may a
 	NOTE: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html
 	NOTE: https://aka.ms/enter-exit-leak
 	NOTE: https://www.microsoft.com/en-us/research/wp-content/uploads/2025/07/Enter-Exit-SP26.pdf
-	TODO: check amd64-microcode update covering the updates
+	NOTE: https://gitlab.com/kernel-firmware/linux-firmware/-/commit/331eac9144402d6cfa02ff3b2888a40bb9a7a01a
 CVE-2025-7346 (Any unauthenticated attacker can bypass the localhost  restrictions po ...)
 	- pyload <itp> (bug #1001980)
 CVE-2025-7327 (The Widget for Google Reviews plugin for WordPress is vulnerable to Di ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bfb2700f1efe4105bddccc194354f4295de018e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bfb2700f1efe4105bddccc194354f4295de018e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250719/0d597a89/attachment.htm>