Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-07-09 22:09:22 -04:00
Code Issues Projects Releases Packages Wiki Activity

Add reference

Browse source
This commit is contained in:
raja-grewal 2025-06-06 13:07:52 +00:00 committed by GitHub
parent dd0b55cc45
commit 72613203b9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -143,7 +143,7 @@ and simultaneous multithreading (SMT) is disabled. See the
Note, to achieve complete protection for known CPU vulnerabilities, the latest
security microcode (BIOS/UEFI) updates must be installed on the system. Furthermore,
if using Secure Boot, the Secure Boot Forbidden Signature Database (DBX) must be kept
up to date through [UEFI Revocation List](https://uefi.org/revocationlistfile) updates.
up to date through [UEFI Revocation List](https://github.com/microsoft/secureboot_objects) updates.
CPU mitigations:

1
etc/default/grub.d/40_cpu_mitigations.cfg
View file

@ -30,6 +30,7 @@
## The UEFI Revocation List contains signatures of now revoked firmware and software used in booting systems.
## If using compatible hardware, the database can be updated directly in user space using fwupd.
## Note that incorrectly performing DBX updates can potentially lead to serious functionality issues.
## https://github.com/microsoft/secureboot_objects
## https://uefi.org/revocationlistfile
## https://github.com/fwupd/fwupd