Bug#954023: stretch-pu: package amd64-microcode/3.20181128.1~deb9u1
On Sat, 21 Mar 2020, Adam D. Barratt wrote:
> On Sun, 2020-03-15 at 21:37 +0100, Anton Gladky wrote:
> > I have prepared an update for amd64-microcode for Debian Stretch,
> > which fixes CVE-2017-5715. Please see an attached debdiff.
> >
> > This is the newer upstream version, which fixes CVE-2017-5715.
> > Security team marked this CVE for Stretch as <no-dsa> [1].
>
> Do you have any input / thoughts on this proposed update?
The microcode might be safe enough, we don't have regressions reported
against the lastest one (which is just a revert by AMD of an update that
did cause regressions when not applied through UEFI).
But that's with recent kernels.
I have no idea about the kernel codepaths it might activate, though, if
new MSRs are exposed.
--
Henrique Holschuh
Reply to: