CVE-2022-40982 on Ubuntu Mantic Linux Kernel still not fixed
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
intel-microcode (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Mantic |
New
|
Undecided
|
Unassigned | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Mantic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
An pro fix CVE-2022-40982 gives me an ✘ CVE-2022-40982 is not resolved. Strangely without a specific description of the affected package:
"1 package is still affected: linux"
But, when i look up the CVW here: https:/
it is mentioned that the fix is contained with the new version of intel-microcode: mantic Released (3.20230808.1) And that's the version i seem to have installed:
apt show intel-microcode:
"Package: intel-microcode Version: 3.20230808.1"
Any Ideas on that?
ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: intel-microcode 3.20230808.1
ProcVersionSign
Uname: Linux 6.5.0-9-generic x86_64
ApportVersion: 2.27.0-0ubuntu5
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: Unity:Unity7:ubuntu
Date: Tue Oct 24 16:05:24 2023
InstallationDate: Installed on 2022-08-05 (445 days ago)
InstallationMedia: Ubuntu Unity 22.04
SourcePackage: intel-microcode
UpgradeStatus: Upgraded to mantic on 2023-10-12 (12 days ago)
CVE References
summary: |
- pro fix shows CVE-2022-40982 is not resolved although fixed version is - installed + CVE-2022-40982 on Ubuntu Mantic Linux Kernel still not fixed |
information type: | Private Security → Public Security |
Grant, could you please take a look on this report?