Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Gentoo>
  3. User
Kudos on prompt release of gentoo-sources w/ Zenbleed mitigation
grant.b.edwards at gmail
Jul 25, 2023, 8:19 AM
Post #1 of 4 (162 views)
Permalink
Thanks and well done to the Gentoo Kernel Project for promptly pushing
out 5.15.122, 6.1.41, et alia. Those latest kernels add mitigation for
the "Zenbleed" vulnerability found in AMD Ryzen and Epyc processors.

https://www.theregister.com/2023/07/24/amd_zenbleed_bug/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html

I noticed that my Ubunutu server machines got a kernel update this
morning also, and I assumed that update also contained the Zenbleed
mitigation -- but it did not. Ubuntu apparently has not pushed out
kernel updates for that yet. [.My Ubuntu machines are unaffected, but
I'd be a little worried if they were.]
Re: Kudos on prompt release of gentoo-sources w/ Zenbleed mitigation [ In reply to ]
grant.b.edwards at gmail
Jul 25, 2023, 8:39 AM
Post #2 of 4 (162 views)
Permalink
On 2023-07-25, Grant Edwards <grant.b.edwards@gmail.com> wrote:
> Thanks and well done to the Gentoo Kernel Project for promptly pushing
> out 5.15.122, 6.1.41, et alia. Those latest kernels add mitigation for
> the "Zenbleed" vulnerability found in AMD Ryzen and Epyc processors.

FWIW, Zenbleed affects only "Zen2" family parts:

https://gadgetversus.com/processor/amd-zen-2-processors-list/
https://en.wikipedia.org/wiki/Zen_2

--
Grant
Re: Kudos on prompt release of gentoo-sources w/ Zenbleed mitigation [ In reply to ]
matt at connell
Jul 25, 2023, 11:48 AM
Post #3 of 4 (162 views)
Permalink
On Tue, 2023-07-25 at 15:19 +0000, Grant Edwards wrote:
> Thanks and well done to the Gentoo Kernel Project for promptly pushing
> out 5.15.122, 6.1.41, et alia. Those latest kernels add mitigation for
> the "Zenbleed" vulnerability found in AMD Ryzen and Epyc processors.

Not that I doubt you but is there a link for the specific for the fix?

I'm interested in what the mitigation was and also for "Gentoo being
awesome" propaganda purposes.
Re: Kudos on prompt release of gentoo-sources w/ Zenbleed mitigation [ In reply to ]
peter.bo at web
Jul 25, 2023, 11:59 AM
Post #4 of 4 (162 views)
Permalink
Am Dienstag, 25. Juli 2023, 20:48:23 CEST schrieb Matt Connell:

> Not that I doubt you but is there a link for the specific for the fix?
>
> I'm interested in what the mitigation was and also for "Gentoo being
> awesome" propaganda purposes.

Patch:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?
h=linux-6.1.y&id=ed9b87010aa84c157096f98c322491e9af8e8f07

https://www.phoronix.com/news/Linux-Mitigate-Zenbleed
=>
https://lock.cmpxchg8b.com/zenbleed.html

Regards,
Peter

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal