The officially official Devuan Forum!

You are not logged in.

#1 2023-07-26 10:36:23

Registered: 2023-04-30
Posts: 59  

Zenbleed - CVE-2023-20593

Thought i should post this in the interest of security.

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. … 2023-20593

Interesting take from OpenBSD


#2 2023-07-26 11:10:36

Registered: 2023-04-04
Posts: 52  

Re: Zenbleed - CVE-2023-20593

This is fixed in Devuan Chimaera....


#3 2023-07-26 13:26:19

From: Teignmouth, UK
Registered: 2019-06-09
Posts: 212  

Re: Zenbleed - CVE-2023-20593

I'm not affected personally as my AMD 5600G is Zen3 not Zen2,

Nevertheless a AMD-microcode fix for Chimaera, Daedalus and Unstable landed this morning as a security update.

However as the end of that security-tracker ( … 2023-20593) it says:

3.20230719.1 ships the first batch of fixes, only for 2nd gen Epyc CPUs, further
CPUs to follow in later releases

This is the one we have now got. Epyc is a database CPU.

So there are still fixes to come for the other Zen2 (Ryzen) CPUs which aren't fixed yet.

More info here: … bleed.html

If you haven't got the microcode fix there is a workaround mentioned in this article:


It is highly recommended to use the microcode update.

If you can’t apply the update for some reason, there is a software workaround: you can set the chicken bit DE_CFG[9].

This may have some performance cost.


You can use msr-tools to set the chicken bit on all cores, like this:

# wrmsr -a 0xc0011029 $(($(rdmsr -c 0xc0011029) | (1<<9)))

Last edited by Marjorie (2023-07-26 15:01:31)


Board footer