Control: severity -1 grave
On 2025-02-08 10:53, Markus Koschany wrote:
> The following vulnerability was published for amd64-microcode.
>
> CVE-2024-56161[0]:
> | Improper signature verification in AMD CPU ROM microcode patch
> | loader may allow an attacker with local administrator privilege to
Hi Nenrique,
On Sat, Mar 08, 2025 at 12:56:25PM -0300, Henrique de Moraes Holschuh wrote:
> retitle 1095470 amd64-microcode: CVE-2024-56161 updated AMD-SEV FW needed to
> pass attestation
> severity 1095470 important
> clone 1095470 -1
> tag 1095470 + fixed-upstream
> retitle -1 amd64-microcode
retitle 1095470 amd64-microcode: CVE-2024-56161 updated AMD-SEV FW needed to
pass attestation
severity 1095470 important
clone 1095470 -1
tag 1095470 + fixed-upstream
retitle -1 amd64-microcode: CVE-2024-36347 weak microcode update validation
tag -1 = upstream security wontfix
severity -1 import
On Thu, Mar 6, 2025, at 07:59, Christian Kastner wrote:
> Control: severity -1 grave
I will keep this open for a little while, and try to ask AMD about it directly,
but expect either bad news, or extremely bad news for anyone that is not in a
position to get a new firmware from their vendor or f
Package: amd64-microcode
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for amd64-microcode.
CVE-2024-56161[0]:
| Improper signature verification in AMD CPU ROM microcode patch
| loader may allow an attacker with local admi
5 matches
Mail list logo
