Yet another major AMD security flaw on Ryzen CPUs

xlbooyahlx

Well-Known Member
Joined
Jun 26, 2023
Messages
322
Reaction score
280
Credits
2,211

AMD 'Zenbleed' Bug Leaks Data From Zen 2 Ryzen, EPYC CPUs: Most Patches Coming Q4​



AMD has responded with key details and published a security advisory with the expected dates for new firmwares, many of which don't arrive until the end of the year

Flaw in AMD Zen 2 chips allows threat actors to exfiltrate encryption keys

And here's a recent Linus Torvalds rant about the state of AMD on what I believe is a different issue.

I'm pretty sure I saw an AMD microcode patch coming in within a few days of this on Mint, so I assume it was for linux in general.



AMD has patches ready for its EPYC 7002 'Rome' processors now, but it will not patch its consumer Zen 2 Ryzen 3000, 4000, and some 5000-series chips until November and December of this year. AMD's processors used in the PS5, Xbox Series X and S, and Steam Deck are all also powered by Zen 2 chips, but it remains unclear if those are impacted. We're following up for more details. We have added details further below about mitigation schedules.
 


Not surprising as fast as manufacturers shove product out onto the market to be sold.
Seems everything electronic that can access the internet is full of holes and has security vulnerabilities.
What's bad is no matter what we the user may do at our end to stay safe and secure the user(s) computer at the other end most likely isn't secure.
No safety anywhere these days.
 
Not surprising as fast as manufacturers shove product out onto the market to be sold.
Seems everything electronic that can access the internet is full of holes and has security vulnerabilities.
What's bad is no matter what we the user may do at our end to stay safe and secure the user(s) computer at the other end most likely isn't secure.
No safety anywhere these days.
Yeah, right now I am quite ok with my "old school" Lenovo Intel chipped ThinkCentre. This day and age it's not too bad running older hardware at all. Not that it is bullet proof or anything but at least it looks like a diminished attack vector. If used exercising common sense of course.
 
It is suddenly reassuring to be running a Zen+ chip rather than Zen 2, I think that hardware manufacturers focus far more on fast releases than on rigid quality control as of late, if Spectre and Meltdown are anything to go by.
 
Meltdown and Spectre spring to mind.

Before, we'd get errata with our CPUs 'cause there was always some problem or another, but these days we get actual vulnerabilities that can be exploited.

On the other hand, man modern CPUs are pretty awesome.
 
It appears as though the last patch was a bit hasty, and didn't do the job properly!
 

Members online


Top