Affected Products: AMD 7200 series servers running Almalinux
Overview
A critical security vulnerability, termed "Zenbleed" (CVE-2023-20593), has been identified in the AMD 7200 series servers running Almalinux. This flaw could potentially lead to data theft at a rate of 30kb per core, per second. Immediate action is required to safeguard your servers against this exploit.
Symptoms:
- Potential unauthorized data access.
- Data theft at a rate of 30kb per core, per second as it passes through the processor.
Solution
Follow the steps below to apply the necessary updates on your Proxmox server:
Update the Linux Firmware:
Execute the command:
Verify the successful installation of the updated Linux firmware package with:
rpm -qa linux-firmware
Update the CPU Microcode:
Apply the microcode update with:
echo 1 > /sys/devices/system/cpu/microcode/reload
Confirm the microcode update with:
lscpu
Check the microcode to ensure it has been updated correctly with:
journalctl -k --grep=microcode
Important Note
This is a critical security update. We urge you to apply these steps immediately to ensure the security of your Almalinux servers against the Zenbleed vulnerability.
For further assistance or questions, please refer to the official Almalinux documentation or community forums.
Your proactive response to this security update is highly recommended to mitigate the risks associated with the Zenbleed vulnerability.