On Fri, Jan 08, 2021 at 09:12:53PM +0100, Christoph Pflügler wrote:
Installing package intel-microcode in Debian 10 (Buster) mitigates
most vulnerabilities as per spectre-meltdown-checker. However,
CVE-2018-3640 and CVE-2018-3615 are still displayed as unmitigated
after reboot, with spectre-meltdown-checker --explain (executed as su)
pointing to missing microcode upgrades.
According to the Debian package description of intel-microcode, the
two vulnerabilities are fixed in the current version of the package.
This occurs in exactly the same way on two different machines, one
with an i5-3320M CPU and another one with an E3-1235L v5.
If I remember correctly, I was all green as per
spectre-meltdown-checker in Debian 9 (Stretch).
What version of intel-microcode do you have installed?
