Hi everyone !
When does the patch for CVE-2022-40982 vulnerability come?
I found that it solved by RedHat https://access.redhat.com/errata/RHBA-2023:4994
Thanks
That CVE is addressed by microcode_ctl-4:20220809-2.20230808.2.el8_8.
[root@cm01 ansible]# rpm -q microcode_ctl
microcode_ctl-20220809-2.20230808.2.el8_8.x86_64
[root@cm01 ansible]# rpm -q microcode_ctl --changelog | head
* Tue Aug 22 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2.20230808.2
- Add support for the new, more correct, variant of dracut's default
$fw_dir path in dracut_99microcode_ctl-fw_dir_override_module_init.sh.
* Thu Aug 10 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2.20230808.1
- Update Intel CPU microcode to microcode-20230808 release, addresses
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2229733):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
to 0x2007006;
[root@cm01 ansible]# rpm -q microcode_ctl --changelog | grep CVE-2022-40982
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2229733):
That link is for RHEL 8.6 EUS, not for 8.8. Rocky Linux 8.6 is no longer in support.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.