Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On 13.01.21 23:49, Michael Stone wrote: On Wed, Jan 13, 2021 at 09:49:43PM +0100, Christoph Pflügler wrote: [    0.00] microcode: microcode updated early to revision 0xd6, date = 2019-10-03 [    0.379026] SRBDS: Vulnerable: No microcode [    1.625090] microcode: sig=0x506e3, pf=0x2, revis

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On Wed, Jan 13, 2021 at 09:49:43PM +0100, Christoph Pflügler wrote: [    0.00] microcode: microcode updated early to revision 0xd6, date = 2019-10-03 [    0.379026] SRBDS: Vulnerable: No microcode [    1.625090] microcode: sig=0x506e3, pf=0x2, revision=0xd6 [    1.625215] microcode: Microcod

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On 13.01.21 17:15, Michael Stone wrote: On Tue, Jan 12, 2021 at 05:25:23PM +0100, Giacomo Catenazzi wrote: In any case, according Intel, microcode should be updated by BIOS I wonder if anyone from intel can manage to say that with a straight face. This is the dmesg | grep microcode outpu

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On Tue, Jan 12, 2021 at 05:25:23PM +0100, Giacomo Catenazzi wrote: In any case, according Intel, microcode should be updated by BIOS I wonder if anyone from intel can manage to say that with a straight face.

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On 09.01.2021 20:42, James Wallen wrote: On 1/9/21 9:48 AM, Christoph Pflügler wrote: With an E3 v5, linux 4.19.0-13, and intel-microcode 3.20200616.1 the checker reports green for those checks on my test system. Do you have the latest spectre-meltdown-checker, and are you running it as roo

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On 1/9/21 9:48 AM, Christoph Pflügler wrote: On 08.01.21 23:40, Michael Stone wrote: On Fri, Jan 08, 2021 at 10:48:30PM +0100, Christoph Pflügler wrote: On 08.01.21 22:34, Michael Stone wrote: On Fri, Jan 08, 2021 at 09:12:53PM +0100, Christoph Pflügler wrote: Installing package intel-microco

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On 08.01.21 23:40, Michael Stone wrote: On Fri, Jan 08, 2021 at 10:48:30PM +0100, Christoph Pflügler wrote: On 08.01.21 22:34, Michael Stone wrote: On Fri, Jan 08, 2021 at 09:12:53PM +0100, Christoph Pflügler wrote: Installing package intel-microcode in Debian 10 (Buster) mitigates most vuln

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On Fri, Jan 08, 2021 at 10:48:30PM +0100, Christoph Pflügler wrote: On 08.01.21 22:34, Michael Stone wrote: On Fri, Jan 08, 2021 at 09:12:53PM +0100, Christoph Pflügler wrote: Installing package intel-microcode in Debian 10 (Buster) mitigates most vulnerabilities as per spectre-meltdown-checker

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On 08.01.21 22:34, Michael Stone wrote: On Fri, Jan 08, 2021 at 09:12:53PM +0100, Christoph Pflügler wrote: Installing package intel-microcode in Debian 10 (Buster) mitigates most vulnerabilities as per spectre-meltdown-checker. However, CVE-2018-3640 and CVE-2018-3615 are still displayed as

Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

On Fri, Jan 08, 2021 at 09:12:53PM +0100, Christoph Pflügler wrote: Installing package intel-microcode in Debian 10 (Buster) mitigates most vulnerabilities as per spectre-meltdown-checker. However, CVE-2018-3640 and CVE-2018-3615 are still displayed as unmitigated after reboot, with spectre-mel

intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?

Installing package intel-microcode in Debian 10 (Buster) mitigates most vulnerabilities as per spectre-meltdown-checker. However, CVE-2018-3640 and CVE-2018-3615 are still displayed as unmitigated after reboot, with spectre-meltdown-checker --explain (executed as su) pointing to missing microco