Overview
Attention Debian server administrators! If you're running on AMD 7200 series servers, there's an urgent security concern you need to be aware of. The vulnerability, termed Zenbleed (CVE-2023-20593), could lead to potential data theft at a rate of 30kb per core, every second.
Solution
Step 1: Add the Unstable Repository:
Execute the following command to add the unstable repository to your Debian server's configuration:
echo "deb http://deb.debian.org/debian/ unstable non-free-firmware" > /etc/apt/sources.list.d/debian-unstable.list
Step 2: Update Repositories:
Update all repositories with the command:
apt update
Ensure no packages will upgrade from the unstable repository by checking for upgradable packages:
apt list --upgradable
Step 3: Install Microcode Package for AMD CPU
Install the appropriate microcode package for AMD CPUs with the command:
apt install amd64-microcode
Step 4: Reboot the Server.
To apply the changes and ensure the microcode updates take effect, reboot your server with:
Reboot
Step 5: Verify Microcode Update
After rebooting, confirm the microcode has been updated correctly by executing:
journalctl -k --grep="microcode updated early to"
Recommendation:
This is a critical security update. We strongly advise Debian server administrators to implement these steps immediately to protect against the Zenbleed vulnerability.