Re: intel-microcode not fixing CVE-2018-3640, CVE-2018-3615 on Debian 10?
On 13.01.21 17:15, Michael Stone wrote:
On Tue, Jan 12, 2021 at 05:25:23PM +0100, Giacomo Catenazzi wrote:
In any case, according Intel, microcode should be updated by BIOS
I wonder if anyone from intel can manage to say that with a straight
This is the dmesg | grep microcode output for the i5 gen3:
[ 0.000000] microcode: microcode updated early to revision 0x21, date
[ 0.222193] SRBDS: Vulnerable: No microcode
[ 1.067686] microcode: sig=0x306a9, pf=0x10, revision=0x21
[ 1.067856] microcode: Microcode Update Driver: v2.2.
and here the one for the E3 v5:
[ 0.000000] microcode: microcode updated early to revision 0xd6, date
[ 0.379026] SRBDS: Vulnerable: No microcode
[ 1.625090] microcode: sig=0x506e3, pf=0x2, revision=0xd6
[ 1.625215] microcode: Microcode Update Driver: v2.2.
Seems like the microcode is applied to my CPUs. This is also supported
by numerous other CVEs getting mitigated after intel-microcode
I also tried the latest meltdown-spectre-checker (v0.44), the results
are the same (plus another red 2020 CVE).