Re: Zenbleed - CVE-2023-20593

dummy@example.com (Marjorie) — Wed, 26 Jul 2023 13:26:19 +0000

I'm not affected personally as my AMD 5600G is Zen3 not Zen2,

Nevertheless a AMD-microcode fix for Chimaera, Daedalus and Unstable landed this morning as a security update.

However as the end of that security-tracker (https://security-tracker.debian.org/tra … 2023-20593) it says:

3.20230719.1 ships the first batch of fixes, only for 2nd gen Epyc CPUs, further
CPUs to follow in later releases

This is the one we have now got. Epyc is a database CPU.

So there are still fixes to come for the other Zen2 (Ryzen) CPUs which aren't fixed yet.

More info here:

https://web.archive.org/web/20230724143 … bleed.html

If you haven't got the microcode fix there is a workaround mentioned in this article:

Workaround
It is highly recommended to use the microcode update.
If you can’t apply the update for some reason, there is a software workaround: you can set the chicken bit DE_CFG[9].
This may have some performance cost.
Linux
You can use msr-tools to set the chicken bit on all cores, like this:
# wrmsr -a 0xc0011029 $(($(rdmsr -c 0xc0011029) | (1<<9)))

Re: Zenbleed - CVE-2023-20593

dummy@example.com (stopAI) — Wed, 26 Jul 2023 11:10:36 +0000

This is fixed in Devuan Chimaera....

Zenbleed - CVE-2023-20593

dummy@example.com (soren) — Wed, 26 Jul 2023 10:36:23 +0000

Thought i should post this in the interest of security.

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

https://security-tracker.debian.org/tra … 2023-20593

Interesting take from OpenBSD

https://marc.info/?l=openbsd-tech&m=169021508718971&w=2

Dev1 Galaxy Forum / Zenbleed - CVE-2023-20593

Re: Zenbleed - CVE-2023-20593

Re: Zenbleed - CVE-2023-20593

Zenbleed - CVE-2023-20593