From 19b1ccb2a9fa6e35ebb3cbfc36625dfefd970b6d Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 15 Aug 2022 17:38:38 +0200
Subject: Add descriptions for CVE-2022-2990{0,1}/RETBleed

---
 dsa-texts/5.10.136-1 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/dsa-texts/5.10.136-1 b/dsa-texts/5.10.136-1
index 9ba8f3d4..0acec148 100644
--- a/dsa-texts/5.10.136-1
+++ b/dsa-texts/5.10.136-1
@@ -35,8 +35,25 @@ CVE-2022-26373
 
 CVE-2022-29900
 
+    Johannes Wikner and Kaveh Razavi reported that for AMD/Hygon
+    processors, mis-trained branch predictions for return instructions
+    may allow arbitrary speculative code execution under certain
+    microarchitecture-dependent conditions.
+
+    A list of affected ADMD CPU types can be found at
+    <https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037>
+
 CVE-2022-29901
 
+    Johannes Wikner and Kaveh Razavi reported that for Intel processors
+    (Intel Core generation 6, 7 and 8), protections against speculative
+    branch target injection attacks were insufficient in some
+    circumstances, which may allow arbitrary speculative code execution
+    under certain microarchitecture-dependent conditions.
+
+    More information can be found at
+    <https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/return-stack-buffer-underflow.html>
+
 CVE-2022-36879
 
 CVE-2022-36946
-- 
cgit v1.2.3