Hi everyone !
When does the patch for CVE-2022-40982 vulnerability come?
I found that it solved by RedHat https://access.redhat.com/errata/RHBA-2023:4994
Thanks
That CVE is addressed by microcode_ctl-4:20220809-2.20230808.2.el8_8.
[root@cm01 ansible]# rpm -q microcode_ctl
microcode_ctl-20220809-2.20230808.2.el8_8.x86_64
[root@cm01 ansible]# rpm -q microcode_ctl --changelog | head
* Tue Aug 22 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2.20230808.2
- Add support for the new, more correct, variant of dracut's default
$fw_dir path in dracut_99microcode_ctl-fw_dir_override_module_init.sh.
* Thu Aug 10 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2.20230808.1
- Update Intel CPU microcode to microcode-20230808 release, addresses
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2229733):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
to 0x2007006;
[root@cm01 ansible]# rpm -q microcode_ctl --changelog | grep CVE-2022-40982
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2229733):
That link is for RHEL 8.6 EUS, not for 8.8. Rocky Linux 8.6 is no longer in support.