Installing package intel-microcode in Debian 10 (Buster) mitigates most
vulnerabilities as per spectre-meltdown-checker. However, CVE-2018-3640
and CVE-2018-3615 are still displayed as unmitigated after reboot, with
spectre-meltdown-checker --explain (executed as su) pointing to missing
microcode upgrades.
According to the Debian package description of intel-microcode, the two
vulnerabilities are fixed in the current version of the package.
This occurs in exactly the same way on two different machines, one with
an i5-3320M CPU and another one with an E3-1235L v5.
If I remember correctly, I was all green as per spectre-meltdown-checker
in Debian 9 (Stretch).
Does anybody have an explanation and/or fix for this issue?
Thanks and best regards,
Christoph
