diff --git a/src/libs/200_cpu_affected.sh b/src/libs/200_cpu_affected.sh
index 947edb5..503d2e4 100644
--- a/src/libs/200_cpu_affected.sh
+++ b/src/libs/200_cpu_affected.sh
@@ -180,7 +180,7 @@ is_cpu_affected() {
                 [ -z "$affected_variantl1tf" ] && affected_variantl1tf=immune
             else
                 pr_debug "is_cpu_affected: intel family 6 is vuln to l1tf"
-                affected_variantl1tf=vuln
+                [ -z "$affected_variantl1tf" ] && affected_variantl1tf=vuln
             fi
         elif [ "$cpu_family" -lt 6 ]; then
             pr_debug "is_cpu_affected: intel family < 6 is immune to l1tf"
@@ -192,6 +192,7 @@ is_cpu_affected() {
             # that they're unaffected by GDS. Also set by hypervisors on virtual CPUs
             # so that the guest kernel doesn't try to mitigate GDS when it's already mitigated on the host
             pr_debug "is_cpu_affected: downfall: not affected (GDS_NO)"
+            affected_downfall=immune
         elif [ "$cpu_family" = 6 ]; then
             # list from https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=64094e7e3118aff4b0be8ff713c242303e139834
             set -u
@@ -303,6 +304,7 @@ is_cpu_affected() {
             # they're not affected to TSA-SQ and TSA-L1
             # these vars are set in check_cpu()
             pr_debug "is_cpu_affected: TSA_SQ_NO and TSA_L1_NO are set so not vuln to TSA"
+            affected_tsa=immune
         elif [ "$cpu_family" = $((0x19)) ]; then
             affected_tsa=vuln
         fi