Gather Data Sampling vulnerability (GDS) - CVE-2022-40982

Hi everyone !
When does the patch for CVE-2022-40982 vulnerability come?
I found that it solved by RedHat

That CVE is addressed by microcode_ctl-4:20220809-2.20230808.2.el8_8.

[root@cm01 ansible]# rpm -q microcode_ctl
[root@cm01 ansible]# rpm -q microcode_ctl --changelog | head
* Tue Aug 22 2023 Eugene Syromiatnikov <> - 4:20220809-2.20230808.2
- Add support for the new, more correct, variant of dracut's default
  $fw_dir path in

* Thu Aug 10 2023 Eugene Syromiatnikov <> - 4:20220809-2.20230808.1
- Update Intel CPU microcode to microcode-20230808 release, addresses
  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2229733):
  - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
    intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
    to 0x2007006;
[root@cm01 ansible]# rpm -q microcode_ctl --changelog | grep CVE-2022-40982
  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2229733):

That link is for RHEL 8.6 EUS, not for 8.8. Rocky Linux 8.6 is no longer in support.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.