You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2023-07-26 10:36:23
- soren
- Member
- Registered: 2023-04-30
- Posts: 87
Zenbleed - CVE-2023-20593
Thought i should post this in the interest of security.
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
https://security-tracker.debian.org/tra … 2023-20593
Interesting take from OpenBSD
Offline
#2 2023-07-26 11:10:36
- stopAI
- Member
- Registered: 2023-04-04
- Posts: 131
Re: Zenbleed - CVE-2023-20593
This is fixed in Devuan Chimaera....
Offline
#3 2023-07-26 13:26:19
- Marjorie
- Member
- From: Teignmouth, UK
- Registered: 2019-06-09
- Posts: 219
Re: Zenbleed - CVE-2023-20593
I'm not affected personally as my AMD 5600G is Zen3 not Zen2,
Nevertheless a AMD-microcode fix for Chimaera, Daedalus and Unstable landed this morning as a security update.
However as the end of that security-tracker (https://security-tracker.debian.org/tra … 2023-20593) it says:
3.20230719.1 ships the first batch of fixes, only for 2nd gen Epyc CPUs, further
CPUs to follow in later releases
This is the one we have now got. Epyc is a database CPU.
So there are still fixes to come for the other Zen2 (Ryzen) CPUs which aren't fixed yet.
More info here:
https://web.archive.org/web/20230724143 … bleed.html
If you haven't got the microcode fix there is a workaround mentioned in this article:
Workaround
It is highly recommended to use the microcode update.
If you can’t apply the update for some reason, there is a software workaround: you can set the chicken bit DE_CFG[9].
This may have some performance cost.
Linux
You can use msr-tools to set the chicken bit on all cores, like this:
# wrmsr -a 0xc0011029 $(($(rdmsr -c 0xc0011029) | (1<<9)))
Last edited by Marjorie (2023-07-26 15:01:31)
Offline
Pages: 1
