{
  "schema_version": "1.7.0",
  "id": "MGASA-2024-0025",
  "published": "2024-02-04T02:49:27Z",
  "modified": "2024-02-04T01:34:04Z",
  "summary": "Updated dracut package fixes enabling microcode",
  "details": "The updated package fixes enabling early microcode on kernels 6.6+.\nOn affected systems, CPU microcode updates were not loaded. CPU\nmicrocode updates are sometimes necessary in order to address important\nsecurity vulnerabilities. If CPU microcode updates are not properly\nloaded, these security vulnerabilities may remain exploitable.\n",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2024-0025.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=32791"
    },
    {
      "type": "WEB",
      "url": "https://www.qubes-os.org/news/2023/12/15/qsb-098/"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dracutdevs/dracut/commit/6c80408c8644a0add1907b0593eb83f90d6247b1"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "dracut",
        "purl": "pkg:rpm/mageia/dracut?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "057-4.1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}