Affected Products: AMD 7200 series servers running Proxmox
Overview
A critical security vulnerability, termed "Zenbleed" (CVE-2023-20593), has been identified in the AMD 7200 series servers running Proxmox. This flaw could potentially lead to data theft at a rate of 30kb per core, per second. Immediate action is required to safeguard your servers against this exploit.
Symptoms:
- Potential unauthorized data access.
- Data theft at a rate of 30kb per core, per second as it passes through the processor.
Solution
Follow the steps below to apply the necessary updates on your Proxmox server:
Step 1: Add the Unstable Repository:
Execute the following command to add the unstable repository to your Debian server's configuration:
echo "deb http://deb.debian.org/debian/ unstable non-free-firmware" > /etc/apt/sources.list.d/debian-unstable.list
Step 2: Update Repositories:
Update all repositories with the command:
apt update
Ensure no packages will upgrade from the unstable repository by checking for upgradable packages:
apt list --upgradable
Step 3: Install Microcode Package for AMD CPU
Install the appropriate microcode package for AMD CPUs with the command:
apt install amd64-microcode
Step 4: Reboot the Server.
To apply the changes and ensure the microcode updates take effect, reboot your server with:
Reboot
Step 5: Verify Microcode Update
After rebooting, confirm the microcode has been updated correctly by executing:
journalctl -k --grep="microcode updated early to"
Important Note
This is a critical security update. We urge you to apply these steps immediately to ensure the security of your Proxmox servers against the Zenbleed vulnerability.
For further assistance or questions, please refer to the official Proxmox documentation or community forums.