Zenbleed Vulnerability Security Update for AMD 7200 Series Servers Running AlmaLinux

Affected Products: AMD 7200 series servers running Almalinux

 

Overview

A critical security vulnerability, termed "Zenbleed" (CVE-2023-20593), has been identified in the AMD 7200 series servers running Almalinux. This flaw could potentially lead to data theft at a rate of 30kb per core, per second. Immediate action is required to safeguard your servers against this exploit.

Symptoms:

  • Potential unauthorized data access.
  • Data theft at a rate of 30kb per core, per second as it passes through the processor.

Solution

Follow the steps below to apply the necessary updates on your Proxmox server:

Update the Linux Firmware:

Execute the command:

dnf update https://build.almalinux.org/pulp/content/builds/AlmaLinux-8-x86_64-7032-br/Packages/l/linux-firmware-20230404-114.git2e92a49f.el8_8.alma.noarch.rpm

Verify the successful installation of the updated Linux firmware package with:

rpm -qa linux-firmware

Update the CPU Microcode:

Apply the microcode update with:

echo 1 > /sys/devices/system/cpu/microcode/reload

Confirm the microcode update with:

lscpu

Check the microcode to ensure it has been updated correctly with:

journalctl -k --grep=microcode

Important Note

This is a critical security update. We urge you to apply these steps immediately to ensure the security of your Almalinux servers against the Zenbleed vulnerability.

For further assistance or questions, please refer to the official Almalinux documentation or community forums.

Your proactive response to this security update is highly recommended to mitigate the risks associated with the Zenbleed vulnerability.


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 256