enh: add BSD stubs for CVE-2022-40982 CVE-2023-20569 CVE-2023-23583, detecting unaffected CPUs

src/vulns/CVE-2022-40982.sh

@@ -97,3 +97,12 @@ check_CVE_2022_40982_linux() {
         pvulnstatus "$cve" "$status" "$msg"
     fi
 }
+
+# CVE-2022-40982 Downfall (gather data sampling) - BSD mitigation check
+check_CVE_2022_40982_bsd() {
+    if ! is_cpu_affected "$cve"; then
+        pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
+    else
+        pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script"
+    fi
+}

src/vulns/CVE-2023-20569.sh

@@ -207,3 +207,12 @@ check_CVE_2023_20569_linux() {
         fi
     fi
 }
+
+# CVE-2023-20569 Inception (SRSO, speculative return stack overflow) - BSD mitigation check
+check_CVE_2023_20569_bsd() {
+    if ! is_cpu_affected "$cve"; then
+        pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
+    else
+        pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script"
+    fi
+}

src/vulns/CVE-2023-23583.sh

@@ -30,3 +30,12 @@ check_CVE_2023_23583_linux() {
         fi
     fi
 }
+
+# CVE-2023-23583 Reptar (redundant prefix issue) - BSD mitigation check
+check_CVE_2023_23583_bsd() {
+    if ! is_cpu_affected "$cve"; then
+        pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
+    else
+        pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script"
+    fi
+}